The company offers a wide range of network security services, including Qrator Availability Network
Comprehensive protection against hacking attempts for the most high-load web applications with minimum delays and guaranteed service availability
Service Level Agreement for availability of customers' applications
Effective tools for false-positives protection
Bandwidth over 4 Tbps
Despite their importance, often it’s web applications which are the ‘weak link’ within organizations’ security perimeters. Typically, companies’ in-house web applications have complex architectures and many borrowed components, and in-house developers do not have enough time to organize the proper security for these resources. The application security is sometimes a sacrifice in the run for future releases of new features or functionality. Web applications are subject to various threats, such as theft of confidential data, fraud, or spoofing, and serve as a convenient entry point for further attacks.
Your Critical Web Resources are under Control
Strengthen Your Protection
Qrator.WAF is an advanced next-generation tool that helps to prevent a wide range of threats to web applications during their operation.
A high level of protection against both simple and complex targeted attacks is achieved by using the most detailed models of the protected application along with signature-based and behavioral anomaly detection methods.
Always Stay Online
The distributed infrastructure of WAF filtering nodes within the perimeter of the Qrator Labs network allows you to protect even the most heavily loaded applications with minimal delay and guaranteed service availability.
Distributed cloud solution
Flexible configuration taking into account features of protected applications
A greater set of usage scenarios compared to similar solutions
A wide range of professional services from the solution developer
Charging only for the actually used bandwidth to ensure the optimal cost of ownership
Operation in the lock mode with minimal false positives
High level of protection
A high level of protection against both simple and complex targeted attacks is achieved by using the most detailed models of the protected application along with signature-based and semantic anomaly detection methods.
Effective prevention of false positives
A mechanism of early suppression of false positives minimizes their influence on decision-making. It makes it possible for a WAF operator to focus on significant events.
Unique functions of business logic analysis
Defining users, their actions in the application, action parameters, and data, as well as sequences (chains) of logical actions. This information can be used to suppress false positives and create a positive application model, or it can be exported to other systems for further analysis.
Specific machine learning algorithms
They optimize WAF performance, detect false positives, automatically build application models, and effectively use the solution in the active development cycle (SDLC).
Major classes of web threats, including OWASP Top 10
Brute force attacks
Attacks on identification and authorization mechanisms
Corporate service security
Basic security mechanism
Enhanced security capabilities
HTTP protocol validation (request types, headers, and their parameters, etc.)
Automatic filtering of static resources: a separate mode for processing static resources (provides ease of data analysis in the control and monitoring subsystem)
Analysis of requests and responses using signature analysis (including those that detect OWASP Top 10 attacks)
The mechanism of "black" and "white" lists for basic types of sources (IP address, URLs)
Blocking sources when multiple anomalies are detected in the requests
Limiting the rate of requests from one source (Rate Limiting) for the application as a whole.
Automatic detection of the performed logical actions and checking its parameters for compliance with the predetermined patterns
Controlling sequences of logical actions
Success measurement of the performed actions based on the analysis of responses, including nested data
Defining sources that are arbitrary parameters of logical actions that characterize the request source (IP address, session ID, user name, certain cookie, etc.)
Controlling users and sessions, which define the key session parameters and the logical actions that are used as a framework to set, monitor, and disable these parameters)
Controlling user authorization at the level of sessions and performed logical actions
Controlling the rate of requests to individual logical actions depending on the parameters of the request source and other parameters (Rate Limiting)
No need to have special expertise to make changes to the architecture of the protected application and configure cloud WAF rules. We provide access to a ready-made solution based on the customer's wishes and provide round-the-clock monitoring of incidents in your personal account with the following features available
A dashboard with different metrics of the protected web applications traffic (response code, locks, delay, sessions, hostility).
A flexible tool for analyzing detected security events, grouped by type and threat level, with an option to view all the details of each individual transaction. It is also possible to manually suppress a false positive when a false positive lock is detected in the transactions.
A section where all transactions of the protected application are stored, offering the possibility to flexibly search for requests using various parameters.
Backspace Technologies improves real-time BGP anomalies detection to ensure better network performance and high availability of service with Qrator.Radar.
Qrator.Radar helps Dailymotion ensure high quality of video broadcasts with a primary focus on controlling and detecting network anomalies, which may cause a degradation of the video delivery service.
Cindicator stops Denial of Service issues and mitigates infrastructural and reputational risks with Qrator Labs filtering network letting the platform run like clockwork 24/7.
Türk Telekom improves routing health of its network detecting global connectivity incidents with Qrator.Radar
Olymp Trade reaches continuous availability of its resources and provides a secure trading environment for customers using Qrator.AntiDDoS solution
Qrator Labs helps Lazada prevent targeted attempts to disable the system with sophisticated DDoS attacks ensuring uninterrupted business operations, and boosting website performance.