How Wallarm WAF works
Unlike default cloud WAFs, Wallarm automates protection for apps and APIs with no manual tuning and investments into ongoing maintenance allowing the team to focus on different tasks. It scales. It works.
Start your PoC today
415 Brannan St, San Francisco, CA 94107
(415)940-7077
request@wallarm.com
2020 © Wallarm Inc.
When to consider Wallarm WAF?
98%
of the customers use Wallarm WAF in full blocking mode
Near-zero False Positives
10K
10K protected applications and API’s
80
80 integrations and supported platforms
24/7
support in POC
and in production
Start your trial today!
Team is unhappy with with the legacy WAF
Need to protect APIs and microservices
Get Security and Developers into shared workflows
Adopting
cloud-native infrastructure
Migrating to multi-cloud / multi-CDN environments
Meet PCI DSS, SOC2 and other compliance requirements
Replace your yesterday’s WAF
Deploy in cloud
Wallarm
Your legacy WAF
Up in 30 minutes
Built for it
Low. No tuning.
Just works
Doesn’t break apps
Finds exploitable issues
Hard, not scalable
Poor or zero
High. Requires tuning
Nightmare. Not usable.
False positives kill it
Zero
API protection
TCO
Blocking mode
CI/CD readiness
Vulns detection
Protect modern applications on the web scale and meet security compliance
Cloud-Native NGWAF
App Exposure
Identify apps and API that require protection and discover vulnerabilities
API Threat Protection
Secure your exposed API and internal microservices in zero-trust environments
Universal protection for all your APIs
Against a full spectrum of threats
OWASP Top 10
OWASP Top 10 API
API Abuse
Credential Stuffing /
Account Takeover
Universal solution to protect APIs
SOAP / XML-RPC
any XML-based
REST/RESTFul
any JSON-based
GraphQL NEW!
gRPC NEW!
Deep API Request Inspection
Super-fast analysis of API calls for the payloads that can be harmful
Intelligent Parsing
Run w/o configuration
Doesn’t require schema
Automatically recognize data formats
Apply necessary parsers/decores
Apply chain of parsers
Works great in CI/CD
App Exposure Vulnerability scanner
You can’t protect what you don’t know
Track changes in your attack surface
Discover attack surface and shadow resources
Domains. Servers. Services.
Wallarm protects hundreds of Hi-Tech Companies globally
Optimised for performance
Streaming mode for near-zero latency
Single solution for your web exposure:
Product Demo
Dashboard functionality overview for Wallarm Automated Cloud Application Security Platform
Dissecting One Attack
Wallarm Automated Cloud Application Security Platform: Dissecting one attack
API Deep Request Inspection
Wallarm Automated Cloud Application Security Platform:
API Deep Request Inspection
#1 Attack Detection
Wallarm Nodes mitigates attacks in real-time, locally
OWASP Top 10 Threats
Account Takeover
Business Logic Attacks
Misconfiguration
API Abuse
No RegExps
Strong bypass Resistance
libDetection, signature-free based on grammar analysis
Real-time blocking. Near zero latency
Combination of unique detection techniques
#2 Gain Low TCO.
Near-zero False Positives
Use you WAF in blocking mode!
Wallarm’s new libDetection and core signature-less attack detection provides low false positive from day one.
Metadata continuously collected from nodes helps to refine rules to make them application-specific
Automation
24/7 team of analysts
#3 The Only WAF with
Automated Incident Analysis
Active Verification of every detected attack with the cloud-based scanner.
Finding app-specific vulnerabilities using hacker / bug hunters intelligence
Prioritizing potential security incidents
Passive scans — verifying app responses to incoming requests.
Black-box scans for well-known vulnerabilities
