Web Application FIREWALL (WAF)

DoS and DDoS attack mitigation

Specific engine to mitigate denial-of-service attacks, with configurable rules per service: connections per second limit, connections per IP, protection against TCP spoofing, etc.

Integrated IPDS system

Includes intrusion prevention and detection system (IPS/IDS) with blacklists and whitelists, protection against known attacks, and real-time response mechanisms.

Automated blocklists

Over 200 automated reputation lists by zone or geolocation to block suspicious private networks, botnets, spam, TOR nodes, anonymous proxies, scrapers, among others.

Bot detection and mitigation

Identifies and blocks malicious traffic generated by bots, preventing web scraping, credential stuffing, and other automated attacks without affecting legitimate users.

HTTP header validation

Verification of incoming HTTP headers to ensure compliance with protocol standards and mitigate attacks that abuse malformed headers. Also prevents attacks such as header spoofing (e.g., X-Forwarded-For).

Automatic threat response

Real-time blocking of malicious traffic, without the need for manual intervention, thanks to integration with dynamic blacklists and immediate response policies.

Comprehensive protection against advanced threats

Over 400 predefined rules—including OWASP—to detect and block attacks such as SQL injection (SQLi), Cross-Site Scripting (XSS), file inclusion, remote code execution, session fixation, and filtering by unauthorized methods and protocols.

Full scalability and automation

Integration via REST+JSON API to manage the WAF programmatically in dynamic and high-performance environments. Supports over 140,000 simultaneous users at layer 7 and over 10 million at layer 4, with optimized performance up to 40 Gbps.