Product Overview
Product Overview¶
Web Application Firewall (WAF) is an AI-powered, all-in-one solution for operational risk protection of web businesses.
By leveraging dual-engine detection (AI + rules) to identify malicious traffic, it safeguards website security and enhances the reliability of web services. Through BOT behavior analysis, it defends against malicious access attempts, protecting core business operations and data security.
WAF offers two deployment types: cloud-based WAF and customized private WAF. Both provide equivalent security capabilities but differ in access methods.
WAF effectively defends against OWASP attacks such as SQL injection, XSS cross-site scripting, trojan uploads, and unauthorized access. Additionally, it filters CC attacks, provides 0day vulnerability patches, prevents webpage tampering, and employs multi-layered measures to comprehensively protect website systems and business security.
Key Features¶
| Feature | Description |
|---|---|
| AI + Web Application Firewall | AI and rule-based web attack detection with anti-bypass, low false negatives/positives, and precise defense against common OWASP Top 10 threats (e.g., SQL injection, unauthorized access, XSS, CSRF, Webshell uploads). |
| 0day Vulnerability Protection | 24/7 monitoring with proactive discovery and response. High-risk web vulnerabilities are patched within 24 hours via virtual patches. Protected users gain immediate 0day attack mitigation without manual intervention, significantly reducing vulnerability response cycles. |
| Webpage Tamper Protection | Core webpage content can be cached in the cloud and served as "digital decoys," preventing negative impacts from unauthorized modifications. |
| Data Leakage Prevention | Combines server application hiding (pre-attack), intrusion protection (during attack), and sensitive data masking (post-attack) strategies to prevent backend database theft. |
| Intelligent CC Attack Protection | AI-driven CC protection analyzes origin server anomalies (timeouts, latency) and behavioral big data to generate defense policies. Multi-dimensional access controls, human-machine verification, and frequency throttling efficiently filter junk traffic and mitigate CC attacks. |
| Bot Management | AI + rule-based management of web crawlers and BOTs mitigates risks like data leaks, content theft, price scraping, inventory snooping, black-hat SEO, and business strategy exposure. |
| API Security | Protects APIs from malicious attacks/abuse. Auto-discovers APIs in business traffic to inventory and classify known/unknown API assets, building API profiles. Threat detection and data identification engines provide attack prevention, anti-theft, anti-abuse, and data protection. |
| 1Tbps DDoS Protection | Supports BGP, telecom, and IP-based node access with 1Tbps scrubbing capacity. Global acceleration and intelligent node scheduling ensure low-latency access across regions, enabling seamless cloud WAF deployment without perceptible impact on website speed. |
| Advanced Features | Custom Rules: Create rules to protect websites/APIs from malicious traffic using WAF attack scoring and content scanning. Rate Limiting: Define thresholds for matched requests and actions upon exceeding limits. |
Why You Need Web Application Firewall¶
WAF provides effective defense in these scenarios to ensure enterprise website and business security:
Data Breaches (Core Asset Leaks): As the gateway to critical assets, web portals are prime targets for hackers, potentially causing irreversible losses.
Malicious Access/Data Scraping (Service Disruption/Competitive Exploitation): CC attacks from botnets exhaust resources, while scrapers steal core content (e.g., blogs, job postings, forum/retail comments). Competitors may scrape product details, or "coupon hunters" exploit pricing loopholes.
Website Defacement/Malware (Reputation Damage): Attackers inject malicious code to hijack user sessions, insert illegal links, or alter content—severely impacting operations and brand image.
Framework Vulnerabilities (Patch Gap Exploitation): Popular frameworks (e.g., Structs2, Spring, WordPress) frequently disclose vulnerabilities. The window between disclosure and patch deployment is high-risk, as attacks often proliferate within 24 hours.
CC Attacks (Service Outages/Resource Drain): A low-cost attack method to disrupt businesses by overwhelming servers with traffic, causing downtime. The operational and reputational fallout is severe, with defenders often left reactive.