Web application firewalls finding increasing use: Frost

• Asia Pacific WAF market earned revenues of more than US$103.1 million in 2012; to reach US$747.1 million in 2019
• Regulatory mandates have however given perception that WAF is merely an obligation for compliance and not a necessary tool

THE increasing use of web applications in enterprises, along with the rise in cyber-attacks and regulatory requirements, has lent momentum to the web application firewall (WAF) market in Asia Pacific.
 
While standalone WAF dominates the market, the integration of WAF with other platforms will become popular as well, the consulting firm said in a statement.
 
New analysis from Frost & Sullivan on the Asia-Pacific Web Application Firewall Market found that the market earned revenues of more than US$103.1 million in 2012 and estimates this to reach US$747.1 million in 2019, at a compound annual growth rate of 32.7%.
 
China is expected to surpass South Korea and become the largest WAF market, even as the markets in Indonesia and Australia grow significantly.

The proliferation of mobile devices and cloud computing technology in the workplace has heightened enterprise reliance on web applications to drive business processes.

“Hence, the need to secure web infrastructure, avoid website downtime issues and, thereby, reduce costs and ensure business continuity has encouraged the installation of WAF systems in companies in Asia Pacific,” said Frost & Sullivan ICT industry manager Cathy Huang.
 
“The vulnerability of web applications to sophisticated cyber-attacks has further prompted organisations across verticals, including in government and financial institutions, to turn to WAF solutions for security,” she added.
 
Regulations have contributed to the development of the WAF market in Asia Pacific. Moreover, local policies regarding the protection of personal information have made it necessary for firms to adopt WAF, particularly in Japan and South Korea.

However, these mandates have also given rise to the perception that WAF is merely an obligation for compliance and not a necessary tool to protect web applications against attacks, Frost & Sullivan said.
 
As a result, several companies prefer WAF technology as a minor feature rather than a dedicated application.

The impression among organisations that WAF solutions are technically inadequate to protect from cyber-attacks, along with the complexity involved in the management of WAF, has slowed down uptake too.
 
Insufficient budgets hinder sales in less mature markets such as India. Therefore, educating businesses on the role of WAF in mitigating attacks is crucial for market expansion.

“The ability of vendors to provide cost-effective WAF solutions as well as WAF-as-a-service will be a critical differentiator for success in the Asia Pacific market,” said Huang.
 
“Managed WAF services will become prominent in the coming years, offering added opportunities for security vendors and service providers in the region.”
 
Related Story:
 
App security testing to become mainstream soon: Veracode
 

For more technology news and the latest updates, follow @dnewsasia on Twitter or Like us on Facebook.