Our web application firewall is an innovative protection system that detects and blocks attacks including the OWASP Top 10, WASC, layer 7 DDoS, and zero-day attacks with pinpoint accuracy. It ensures continuous security for applications, APIs, users, and infrastructure while supporting compliance with security standards including PCI DSS.
Ensure quick start and rapid uptake
Thanks to a large number of delivery and deployment options, our WAF can be quickly and easily deployed on any infrastructure, for applications of any type and level of complexity.
Get all-around, all-the-time protection
PT AF is more than just an ordinary tool in your IT security infrastructure. State-of-the-art technologies and integrations, such as with PT Application Inspector, provide comprehensive and continuous protection for your apps (even ones with continuous development cycles), users, and infrastructure.
Watch video about PT AF
Why PT AF
Benefit from maximum security with a minimum of fuss
Powerful features, including machine learning, ensure unmatched web security—while extensive automation makes administration more hands-off than ever before.
A physical server running PT Application Firewall is installed on the client premises. The following modes are supported: inline (transparent proxy, reverse proxy, L2 network bridge), monitoring, and autonomous.
The WAF virtual appliance is deployed on the client's dedicated virtual infrastructure (such as VMware vSphere). Modes are the same as listed for the hardware appliance.
Cloud: private, public (Microsoft Azure), or hybrid
Modes are the same as listed for the hardware appliance. Deployment of our web app firewall in a Microsoft Azure public cloud takes literally one click from Azure Marketplace.
SaaS: administration by Positive Technologies or the client
If you are unable to install and maintain high-load systems of your own, or simply desire more flexible pricing—such as paying just for traffic actually used or for the period of time most convenient for you—consider the software as a service (SaaS) model as a way to avoid the upfront costs of an on-premise solution.
PT AF is hosted on Positive Technologies infrastructure, which is responsible for the following tasks: analyzing traffic, generating reports, handling and storing security incidents, and managing product configuration. You simply direct your traffic to us, we process it, and the processed traffic is returned to you via the Internet.
IaaS: client or MSS provider
Our WAF can be deployed under the infrastructure as a service (IaaS) model at your company or at a third party (such as an MSS provider). Unlike the SaaS option, in this case traffic is analyzed only on systems owned by you or the third party, in accordance with the Positive Technologies data handling policy. Positive Technologies infrastructure is used to generate reports, process and store security incidents, and manage product configuration.
Stay compliant with major standards
PT AF helps to ensure compliance with PCI DSS and other international, national, industry, and corporate security standards.
With PT AF, telecom and electronics retailer Svyaznoy can protect over 10 of its online services (including Svyaznoy.ru) and 15 million site visitors:"We tried out a great many solutions. The product from Positive Technologies met absolutely all of our requirements. PT AF detected attacks that others could not. Moreover, we are acquainted with the top-notch team at Positive Technologies and have seen them go from strength to strength, giving us confidence that PT AF will continue to be the product others will try to beat."
MegaFon relies on the solution to protect 12 key web systems that handle up to 60,000 user requests per second:"Our search for security was a global one, and after considering the biggest names as well as the upstarts, our choice went to PT AF. We have worked with Positive Technologies for a long time and appreciate the work they do. We see that their products will continue to grow and evolve, meeting any new needs yet to come. The dialog with them is strong, the help we receive is fantastic, and we appreciate having a partner who truly listens."
Ural Federal University uses the WAF to keep its website safe:"When looking for a security solution, PT AF caught our eye: it contains all the most modern technologies for protecting web applications. PT AF enabled us to perform non-stop security monitoring of the university site and quickly react to threats. Thank you to the experts at Positive Technologies for the responsiveness and high level of skill they showed in their work."
PT AF helped the All-Russia State Television and Radio Broadcasting Company (VGTRK) to ensure the security and availability of over 20 web and mobile applications used for broadcasting the Olympic Games:"Thanks to PT AF, we caught all attacks in time, so millions of our online viewers and listeners could enjoy uninterrupted Olympic coverage."
Sberbank Non-Government Pension Fund (Sberbank NPF) began use of PT Application Inspector to analyze application code and deployed PT AF to defend its services:"Thanks to the comprehensive solution provided by Positive Technologies, we have maintained our fast go-to-market pace for new services. In doing so, we have also succeeded in setting up an effective collaboration process between the development and security teams plus ensuring exceptional security for our existing and in-development applications."