01
Threat landscape
98%
of web applications are susceptible to attacks on users91%
suffer from leaks of important web application data84%
suffer from leaks of important web application data
Now on the cloud
PT Cloud Application Firewall matches any budget. The cloud version offers a monthly subscription so you can choose the optimal rate based on the workload of your web resource and doesn't require investments in hardware or the expertise of information security specialists. Positive Technologies partners handle the installation, configuration, and launch of the product in just one day, and it can be managed from anywhere in the world.
Learn more
Why a web application firewall (WAF)?
02
Application vulnerabilities can exist for months or years before they're remediated with an official patch, or remain unaddressed forever. WAF make it possible to defend against exploits for existing vulnerabilities without making changes to the application itself.
Solution
03
PT AF is a web application firewall with innovative protection for the precise detection and blocking of attacks, including the OWASP Top 10, WASC, and zero-day attacks. PT AF PRO provides continuous protection for web applications, users, and IT infrastructure while helping maintain compliance with security standards.
04
Benefits
Maintains continuity of business processes
PT Application Firewall defends against L7 DDoS attacks and vulnerability exploits in the application business logic.
Minimizes the likelihood of a data leak
PT Application Firewall blocks attacks from the OWASP Top 10 list and in the WASC classification, and automatically detects vulnerabilities and protects against exploits that could target them.
Helps comply with information security standards
PT Application Firewall makes it easy to meet PCI DSS requirements and other international, federal, and corporate security standards.
05
Use scenarios
Detection of sophisticated attacks
Correlation and custom rule features help link together multiple logically related events distributed over time and configure audits of the arbitrary actions of web application users.
Combats malicious bots
PT Application Firewall protects against various levels of bot programs, including those that emulate a browser to execute JavaScript.
Blocks zero-day attacks
Application profiling powered by machine learning helps detect anomalies in client requests and block attacks that don't have detection rules yet.
Detects vulnerabilities automatically
PT Application Firewall automatically detects web application vulnerabilities by analyzing HTTP responses.
Protects against attacks on users
The WAF.js client module protects users against XSS, DOM XSS, DOM clobbering, CSRF and other attacks when entering the application page.Prevents malware from being loaded
The M-Scan additional module scans uploaded and downloaded files using a set of antivirus tools (up to 7 engines) and blocks malware.
Protects against DDoS attacks at the application level
User profiling powered by machine learning makes it possible to track anomalies, including attempts to carry out DDoS attacks at the application level.
Virtual patching
The P-Code additional module analyzes web-application source code, detects vulnerabilities, and protects them against exploitation with virtual patches.
06
Implementation options
Sniffer
Reverse proxy
Transparent proxy
07
Associated products
PT Application Firewall
A web application firewall
PT AI
The only source code analyzer that provides high-quality analysis and convenient tools to automatically confirm vulnerabilities
PT BlackBox
Dynamic application security testing tool
PT Container Security
An advanced, innovative solution for the comprehensive protection of hybrid cloud infrastructure. It supports secure development for software systems that use containerized virtualization.
Get in touch
Fill in the form and our specialists
will contact you shortly
will contact you shortly