- Protects users and sensitive data
- Keeps your apps online
- Protects access to your network
- Meets compliance requirements
What is it?
A Cloud-Based, Managed Web Application Firewall
Alert Logic WAF is a fully managed security layer that protects your web applications, APIs and critical digital services against attacks. It provides uninterrupted application security with continuously updated threat intelligence, automated rules and 24/7 expert support.
Realize the Full Potential of WAF Features at the Enterprise Level
The First Line of Defense Against Modern App Attacks
From SQL Injection to Zero-Day exploits, your web applications are constantly in the crosshairs. Alert Logic WAF blocks OWASP Top 10 risks, bot traffic and malicious requests in real-time, stopping data breaches before they happen.
Full Visibility + Smart Blocking = Uninterrupted Security
Alert Logic WAF continuously protects your applications with behavior analytics, automated rule generation, 24/7 SOC expert monitoring and instant threat response. It is compatible with modern DevSecOps processes, effortlessly deploys and automatically scales to any scale.
Key Features
OWASP and CWE coverage
Protection against exploits for OWASP Top 10 and CWE Top 25 software vulnerabilities through a combination of negative security signatures and positive security profiles.
DDoS Protection
Abnormally high traffic volumes (L7) are routed and absorbed by large public cloud providers, mitigating even the most extreme DDoS attacks. CAPTCHA and silent attacks prevent legitimate users from being affected.
Client Protection
Protect your users and exceed the new PCI DSS 4.0 requirements with industry-leading controls that eliminate both mirrored and inline (stored) cross-site scripting (XSS) attacks.
API Protection
Protect exposed APIs from app and DDoS attacks with targeted policies determined by automated API discovery and mapping.
Threat Detection Revealing Zero-day
Our global threat research team offers a broad set of signatures for emerging proof-of-threat proof-of-concept exploits, enabling the capture of Zero-day and targeted virtual patches.
Rule and Behavior Based Detection
Session anomaly detection, usage-based application machine learning detections combine with a broad set of signatures to defend against attacks on web applications.
Protection Against Credential Attacks
Protect your web applications against Brute Force Attack and Stuffing Attack using stolen credentials, including credential stuffing attacks.
BOT Management
Protect against automated attacks and unwanted data collection bots, including session anomaly detection, interrogation and CAPTCHA actions.
Virtual Patch
Critical vulnerabilities need to be patched within 15 days. Close this gap with managed virtual patching for more than 100 leading applications and ensure continuous protection between patch cycles.
Dynamic Trust-Based Policies
Trust scores are dynamically assigned to each connection based on Fortra's threat intelligence and the behavior of the source connection, minimizing false-positives and maximizing protections.
Auto Scaling and High Availability Setup
Flexible deployment options allow you to choose the best way to implement our virtual web application firewall for each environment.
Application Deployment Controls
Leverage features such as virtual hosts, load balancing, caching and acceleration to simplify operations and improve network performance.
Additional WAF Controls
Our managed web application firewall as a service offers a full feature set, including end-to-end encryption, rate limiting, data masking, connection restriction and more.