There are two main types of threats that affect website performance:
- threats targeting website availability (DDoS attacks)
- threats targeting the privacy of website content (vulnerabilities)
While the first type of threats is effectively mitigated by our Qrator Labs solution, the second type is the main concern of WAF (Web Application Firewall) using the Wallarm technology.
The source code of any serious web application may contain errors. The hackers exploit them in order to get unsanctioned access to the data belonging to the owners and visitors of the website. It is necessary not only to detect and neutralize the attacks on web application timely but also exclude the possibility of exploiting these vulnerabilities in future. Wallarn is designed to solve these task with highest efficiency.
Wallarm provides the following services:
- Notifications on detected vulnerabilities of the web application and measures for detection and blocking of malicious traffic bound to exploit these vulnerabilities.
- Providing the customer with reports on detected problems and platform-specific recommendations for solving them. Ruby, PHP, .NET, Perl and Python applications are supported.
- Automated monitoring of the status of detected vulnerability up to the moment of its elimination.
- Quality control for vulnerability mitigation.
In order to neutralize attacks and vulnerabilities Wallarm uses statistical data on the protected website traffic which is obtained from the Qrator Labs network. As a result of the analysis, Wallarm makes online updates of the rule sets used for filtering the traffic in our network.
This service requires no technical alterations on the customer's side.
Wallarm does not affect the passing of legitimate traffic through thhe Qrator network.
- Proactive filter blocks most of attacks on the web application. It is able to handle large volumes of traffic. Self-teaching algorithm ensures avoidance of false-positive incidents.
- Vulnerability detection system detects existing errors in web application security. The customer is informed on any detected vulnerabilities and is provided with not only the description of the problem but also with detailed instructions on its solution.
- Virtual Patching system protects the application from exploits of the vulnerabilities that have been detected but not fixed yet, blocking attack and intrusion attempts in online mode and allowing uninterrupted website operation (not provided on the testing stage).
- Cloud solution on the Qrator Labs network – the customer doesn't need to install any additional software or buy any hardware devices.
- Non-signature-based statistical analysis methods:
- no signatures means no delays in traffic processing. The system can be applied to high-performance applications (Big Data projects such as social networks, search engines etc);
- it's possible to detect previuosly unknown attack that doesn't have their signatures contained in the knowledge base.
- Unlike the conventional IPS/IDS, Wallarm:
- not only detects the attacks (which can, in most of the cases, pose no threat to your website - various autohackers and scanners creating "white noise" over the Internet) but also distinguishes those ones that are really capable of puttng your website in danger;
- finds vulnerabilities in your web application source code.