The demand for Web-based application protection to prevent potential data breaches continued to increase significantly across the Asia-Pacific region. Several factors are driving the rapid growth of the market, including the rising Internet penetration, more organizations shifting their business services onto the Web, tightening international compliances and local regulations related to data protection.
The cloud-based WAF segments experienced an impressive growth rate of 88.9 percent, greatly contributing to the strong growth of the overall WAF market at 27.6 percent year-on-year growth in 2016. “However, the increasing buzz around Advanced Persistent Threats (APT) and innovative malware attacks will drive customers to prioritize solutions to defend against these threats,” said Frost & Sullivan Industry Analyst Vu Anh Tien.
“For most companies with limited security budgets and low priority given to WAF solutions will be key challenges for WAF vendors. Lack of skilled resources to manage the WAF may also exacerbate the situation,” he added. Asia-Pacific Web Application Firewall Solutions Market, Forecast to 2021, recent research from Frost & Sullivan’s Network Security Growth Partnership Service program, finds that the WAF market in most APAC countries, especially China, Hong Kong, India and Singapore, is growing strongly. This is due to the escalation of sophisticated attacks on web applications which drives the need for WAF capabilities to protect on-premises, virtual and cloud applications. Key market players in the region include Imperva, F5 Networks, Penta Security, Akamai, Barracuda Networks, NSFOCUS, and Venustech.
Areas with robust growth opportunities in the APAC WAF solution market include:
Software development and IT operations (DevOps) security control: WAF vendors must consider integrating closely, either organically or through partnerships, with software and vulnerable software security tools to provide a holistic approach to DevOps security.
Threat intelligence: Government and enterprise organizations are heavily investing in threat intelligence feeds to improve their cyber consciousness and gain valuable data for their security operation centers. WAF vendors can provide threat intelligence feeds as a service, and partner with ingestion platform providers that can correlate and present the information with other threat feeds.
Automotive cyber security: The automotive industry is currently investing in smart vehicles as the next phase of their digital growth strategy. Critical vulnerabilities that can be targeted by cyber-attacks to override the operation of the car pose a safety threat to drivers. WAF vendors can develop solutions with the right form factor for embedding in smart vehicles. With smart automotives in the nascent stage, especially for Asia-based manufacturers, WAF security vendors must get involved in the design of the smart systems.
“Virtual WAF and cloud-based WAF are seen as the best choices for organizations to protect their virtual assets in the cloud. This is mostly true in mature markets such as Australia, Japan, China, Singapore, India and South Korea, with their mass adoption of virtualization and cloud services,” said Tien.
“In emerging markets, cloud-based WAF, with its advantages in terms of affordability, flexibility and being management-free, will fit requirements of most enterprises, particularly small and medium businesses and those adopting hybrid security models,” he explained.