01

Threat landscape

  • 98%

    of web applications are susceptible to attacks on users
  • 91%

    suffer from leaks of important web application data
  • 84%

    suffer from leaks of important web application data

Now on the cloud

PT Cloud Application Firewall matches any budget. The cloud version offers a monthly subscription so you can choose the optimal rate based on the workload of your web resource and doesn't require investments in hardware or the expertise of information security specialists. Positive Technologies partners handle the installation, configuration, and launch of the product in just one day, and it can be managed from anywhere in the world.
Learn more

Why a web application firewall (WAF)?

02

Application vulnerabilities can exist for months or years before they're remediated with an official patch, or remain unaddressed forever. WAF make it possible to defend against exploits for existing vulnerabilities without making changes to the application itself.
 scheme_timeline.png

Solution

03

PT AF is a web application firewall with innovative protection for the precise detection and blocking of attacks, including the OWASP Top 10, WASC, and zero-day attacks. PT AF PRO provides continuous protection for web applications, users, and IT infrastructure while helping maintain compliance with security standards.
 scheme_af-black_en.png

Blocks both mass and targeted attacks.

Thanks to a combination of security mechanisms and Positive Technologies expertise, PT Application Firewall ensures comprehensive protection from known threats and zero-day attacks.

04

Benefits

  • Maintains continuity of business processes

    PT Application Firewall defends against L7 DDoS attacks and vulnerability exploits in the application business logic.
  • Minimizes the likelihood of a data leak

    PT Application Firewall blocks attacks from the OWASP Top 10 list and in the WASC classification, and automatically detects vulnerabilities and protects against exploits that could target them.
  • Helps comply with information security standards

    PT Application Firewall makes it easy to meet PCI DSS requirements and other international, federal, and corporate security standards.

Quickly integrates into infrastructure

PT Application Firewall provides a built-in configuration wizard and predefined security policy templates, making it easy to install and use.

05

Use scenarios

  • Detection of sophisticated attacks

    Correlation and custom rule features help link together multiple logically related events distributed over time and configure audits of the arbitrary actions of web application users.
  • Combats malicious bots

    PT Application Firewall protects against various levels of bot programs, including those that emulate a browser to execute JavaScript.
  • Blocks zero-day attacks

    Application profiling powered by machine learning helps detect anomalies in client requests and block attacks that don't have detection rules yet.
  • Detects vulnerabilities automatically

    PT Application Firewall automatically detects web application vulnerabilities by analyzing HTTP responses.
  • Protects against attacks on users

    The WAF.js client module protects users against XSS, DOM XSS, DOM clobbering, CSRF and other attacks when entering the application page.
  • Prevents malware from being loaded

    The M-Scan additional module scans uploaded and downloaded files using a set of antivirus tools (up to 7 engines) and blocks malware.
  • Protects against DDoS attacks at the application level

    User profiling powered by machine learning makes it possible to track anomalies, including attempts to carry out DDoS attacks at the application level.
  • Virtual patching

    The P-Code additional module analyzes web-application source code, detects vulnerabilities, and protects them against exploitation with virtual patches.

Adapts to the needs of each defended application

PT Application Firewall combines out-of-the-box usability with finely tunable settings, allowing it to protect a large number of applications with varying degrees of complexity and importance simultaneously.

06

Implementation options

Sniffer


Reverse proxy


Transparent proxy


07

Associated products

PT Application Firewall

A web application firewall
Learn more

PT Application Inspector

The only source code analyzer that provides high-quality analysis and convenient tools to automatically confirm vulnerabilities
Learn more

PT BlackBox

Dynamic application security testing tool
Learn more

PT Container Security

An advanced, innovative solution for the comprehensive protection of hybrid cloud infrastructure. It supports secure development for software systems that use containerized virtualization.
Learn more

Get in touch

Fill in the form and our specialists
will contact you shortly