Overview

Wallarm is a Next Gen WAF with hybrid architecture uniquely suited for cloud applications. It applies machine learning to traffic to adaptively generate security rules and verifies the impact of malicious payloads in real time. Wallarm is ideal for DevOps and security professionals looking for a security solution to protect their modern web applications and APIs from OWASP Top 10 attacks and malicious bots.

Wallarm products have many deployment options for a simple installation process. Wallarm hybrid architecture makes it easily installable in either on-premises or cloud environments.

Signature-free WAF

  • Use machine-learning to derive API and app logic from HTTP traffic.
  • Statistical analysis to find abnormalities in data and user behavior instead of signatures.
  • Use “hacker-intelligence”. Generate security rules from malicious activities seen anywhere by Wallarm Cloud.

Low false positives

  • Blocking rules are customized for every protected application and API
  • Automatic security rules are updated after every application release.

Selective blocking

  • Block a single compromised API call/request – not the entire IP address.

Cloud-optimized

  • Keeps traffic inside customer’s infrastructure.
  • Operates at the speed of load-balancer.
  • Automatically discovers cloud-facing services (discover phase).

Threat verification

  • Active vulnerability detection: Detected attacks are replayed against the application to validate potential vulnerabilities that might result in exploits.
  • Passive vulnerability detection: Application responses are monitored for abnormalities.

Inspect Application Traffic

Wallarm nodes monitor HTTP traffic, flag requests that do not fit application security rules or data bounds and block API calls which pose threats.

Identify behavioral attacks comprised of series of requests

Parse nested protocols and identify obfuscated and/or malicious payloads

Block requests that might result in exploits

Create & Update Customized Security Rules
Wallarm Node sends anonymized statistical data on application traffic to Wallarm Cloud for machine learning analysis. Wallarm Cloud generates customized security rules based on this statistical information and uses these rules to update the Wallarm Node every 15 minutes.

Three layers of machine learning are used to reconstruct application logic based on the traffic

User requests and responses are used to generate application specific security rules

Verify Threats

Active Threat Verification approach is unique for Wallarm. All detected attacks are replayed against the application to see if any of them exploit existing vulnerabilities allowing team to focus on real threats and eliminate noise

Vulnerabilities and the payloads that triggered them are described in easy to understand language with ready-to use developer tickets generated via issue-tracking system integrations

Schedule a live product demo
Got it! Thanks for your interest. We will contact you shortly.
 
I'm interested in:
Deployments: