In business, internet-connected resources are everywhere—from internal systems (ERP, CMS, CRM, etc.) to external, customer-facing tools, such as corporate websites and online services. Organizations use these systems to deliver value to their customers, ensuring they perform faster and with greater simplicity than their market rivals. Web apps can also make business processes more efficient—driving down costs and saving time and resources.
But as web applications use grows rapidly, so does the number and complexity of web threats. Our research shows web apps are the weakest link, offering easy access not only to application data, but the entire corporate infrastructure. Our analysis found hackers could successfully overcome an organization's perimeter by exploiting web vulnerabilities in 77 percent of the apps examined. Additional studies by our expert team suggest no web application is entirely free of flaws, with over 70 percent containing critical vulnerabilities.
And you don't just have to take our word for it. The Verizon 2016 Report named web app attacks as the No. 1 source of data breaches, responsible for 40 percent of data breaches in 2016—up from around 7 percent in 2015.
To address this serious level of operational risk, organizations need thorough WAF protection for their web-based resources.
Positive Technologies Application FirewallTM (PT AF) is a modern response to the constantly evolving web threat landscape. It combines real-time analytics, innovative technologies, and proven approaches to deliver proactive and continuous protection of all your internet-accessible applications against both known and unknown attacks. This includes the OWASP Top 10, automated and client-side attacks, and zero-days.
Our web application firewall is the result of over 15 years of practical security research and is regularly updated and enhanced to reflect the findings of this same deep, worldwide analysis.
Protection technologies and approaches
- True machine learning against zero-days
PT AF's advanced machine learning techniques ensure it instantly and accurately detects both known and unknown attacks, including zero-days. Our WAF doesn't need to be taught about your app's normal operations because it can teach itself. This smart automation reduces the amount of human intervention required to keep your apps secure.
- Smart correlation to accurately detect major threats
Sophisticated correlation mechanisms thoroughly analyze data such as application fingerprints, vulnerabilities, user tracking, etc., to identify attack chains and precisely detect major threats with the minimum of false alarms.
- Unique P-Code technology for targeted real-time protection
PT AF's unique built-in source code analysis module (P-Code) detects vulnerabilities and creates instant "virtual patches." These block any attempts to exploit the specific flaws in your code until your development team has fixed them. PT AF can be also integrated with our application security testing (AST) tool PT Application Inspector to promote secure development processes.
- Continuous automated user profiling against L7 DDoS and automated attacks
Thanks to continuous user behavior profiling, based on smart machine learning techniques, PT AF offers proactive protection against L7 DDoS and automated attacks (crawlers, spammers, attacker tools). Constantly learning from real data, the product creates a profile of normal user behavior and compares it to all other activities that may be different and thus dangerous. This means it not only detects but also predicts L7 DDoS and automated bot attacks, without impacting real users' and good bots' activities.
- WAF.js module tackles client-side attacks
- Extensive integration capabilities for multilayer protection
To proactively block suspicious user activities throughout the organization, PT AF can be integrated with other security systems such as Check Point and Arbor. Integrations with SIEM systems such as ArcSight, QRadar, Check Point SmartCenter, and our advanced solution PT SIEM, also enable protection of the entire perimeter while providing synchronized correlation of all security events (not only related to web apps) within a single interface.
- Data masking for maximum confidentiality of end-user data
PT AF can identify and hide (mask) private data such as payment card numbers, passport information, etc., from third parties, including PT AF administrators—ensuring your end-users' data stays private.
Easy deployment and usability
- Simple interface and predefined security templates—for quick start
PT AF can be rapidly deployed in several modes (L2 Bridge, Transparent proxy, etc.). Set-up time is reduced thanks to standard configuration wizards, pre-defined security templates, automatic detection of protected apps, and other automated features available via the intuitive interface.
- Automated, granular fine-tuning to configure product "on the fly"
PT AF presents a variety of options for fine-tuning your protection. Pre-defined security templates can be applied to any number of protected apps—or their individual parts—in just a few clicks. Administrators also enjoy highly flexible management of rules and actions without devoting significant time and effort to configuration tasks.
- Real-time, expert protection
The PT Global Research Center monitors user input and threats worldwide in real time. Product updates are regularly and automatically released to protect our customers from the latest security challenges revealed by our deep analysis of this research data. Together with continuous upgrades to add new, more advanced technologies, this ensures PT AF provides proactive protection from emerging attacks before they strike.
Thanks to its high level of automation, PT AF can be deployed and configured within minutes, even by administrators without a deep technical background. This helps organizations to save their time and resources, no matter how many web apps they have and how complex the apps are.
Our unique P-Code technology helps to avoid any damaging interruptions to your app availability by offering instant, targeted protection against vulnerabilities that have not been fixed yet. If other minor defects are detected, PT AF can also help to keep the app running normally for end-users while defects are being fixed on the backend. This lets your business processes run smoothly and more efficiently.
PT AF's automation dramatically simplifies every-day management of application security. It enhances productivity by highlighting the most urgent risks. This frees up security teams to concentrate on tackling these important issues, instead of the time-consuming routine administration tasks typically involved in maintaining traditional firewalls and IDS/IPS.
PT AF can be deployed as a hardware appliance or virtual appliance, depending on your IT policy. It is fully cloud-ready (SaaS, VAS, MSS) and a great choice for secure application hosting. PT AF is also available in the public cloud (Microsoft Azure).
Using PT AF can help organizations to comply with PCI DSS and other international, national, and corporate standards.
Request a free trial
Please fill in the form