Cloud WAF is a service that protects online applications and APIs from a number of assaults, including OWASP Top 10 threats, DDoS attacks, bot attacks, and Zero-Day attacks, which exploit previously unpatched or undiscovered software or system vulnerabilities.

This service is an easy-to-install and administer WAF-as-a-Service platform that uses machine learning to avoid attacks and malfunctions. The application also includes a reporting tool for analyzing sources, types of attacks, and other data that other WAFs do not provide.

This service is appropriate for

  • An organization or agency with a website must follow the OWASP Security Top 10 standard.
  • An organization or agency running a web application or has an API connection and wishes to avoid attacks.
  • E-commerce and online businesses are examples of companies or agencies that primarily operate online.
  • Government agencies prioritize information security in their public-facing systems.
  • Supports web apps both on-premises and in the cloud.

Benefits

  • Cloud WAF with Machine Learning protects against Zero-Day attacks and other dangers, reducing administrative burden.
  • This platform's installation is rapid and simple, allowing WAF users to manage and activate in a matter of minutes. Simultaneously, a professional WAF engineer may manage and alter the settings immediately.

How it works?

Feature

Web Security

  • AI-based machine learning
  • Automatic profiling (allow list)
  • Web server and application signatures (deny list)
  • IP address reputation
  • IP address geolocation
  • HTTP RFC compliance
  • Native support for HTTP/2
  • OpenAPI 3.0 verification
  • WebSocket protection and signature enforcement
  • Man-in-the-Browser (MiTB) protection

Security Services

  • Web services signatures
  • XML and JSON protocol conformance
  • Malware detection
  • Protocol validation
  • Brute-force protection
  • Cookie signing and encryption
  • Threat scoring and weighting
  • Syntax-based SQLi detection
  • HTTP header security
  • Operating system intrusion signatures
  • Known threat and zero-day attack protection
  • DDoS prevention
  • Data loss prevention

Management and Reporting

  • Web user interface
  • View graphical analysis and reporting tools
  • Centralized logging and reporting
  • User/device tracking
  • Real-time dashboards
  • Bot dashboard
  • OWASP Top 10 attack categorization
  • Geo IP analytics

Application Attack Protection

  • OWASP Top 10
  • Cross-site scripting
  • SQL injection
  • Cross-site request forgery
  • Session hijacking
  • File upload scanning with AV and sandbox

Request Information of Cloud WAF

 

Business Solution
  • Address: 2/4 Chubb Tower 10th Floor, Vibhavadee-Rangsit Road, Thungsonghong, Laksi, Bangkok 10210
  • Telephone: 0-2779-7999
  • Email: consultantksc@ksc.net