DYNAMIC APPLICATION PROFILING :
SecureSphere WAF uses patented Dynamic Application Profiling to learn all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs to detect attacks with exceptional accuracy and block only bad parties, while eliminating impact to legitimate customers. SecureSphere WAF mitigates both technical attacks such as DDoS and SQL injection, as well as non-technical attacks such as comment spamming and site scraping.
GRANULAR CORRELATION POLICIES REDUCE FALSE POSITIVES:
SecureSphere WAF distinguishes attacks from unusual, but legitimate, behavior by correlating web requests across security layers and over time. SecureSphere Correlated Attack Validation capability examines multiple attributes such as HTTP protocol conformance, profile violations, signatures, special characters, and user reputation, to accurately alert on or block attacks with the lowest rate of false positives in the industry.
FLEXIBLE DEPLOYMENT OPTIONS:
SecureSphere WAF can be deployed as a physical or virtual appliance on-premises, and as a virtual image on Amazon Web Services or Microsoft Azure. Physical appliance deployments are particularly flexible in that they allow SecureSphere WAF to run transparently, requiring virtually no changes to the customer’s network. And granular policy controls enable superior accuracy and unequaled control to match each organization’s specific protection requirements.
SecureSphere WAF can perform “virtual patching” for your web applications via vulnerability scanner integration. Instead of leaving a web application exposed to attack for weeks or months while code is modified after discovering a vulnerability, virtual patching actively protects web applications from attacks to reduce the window of exposure, and decreases the costs of emergency fix cycles until you are able to patch them.
CUSTOMIZABLE REPORTS FOR COMPLIANCE AND FORENSICS
SecureSphere WAF rich graphical reporting capabilities enable customers to easily understand security status and meet regulatory compliance. SecureSphere WAF provides both pre-defined and fully-customizable reports. This enables you to quickly assess your security status and streamline demonstration of compliance with PCI, SOX, HIPAA and FISMA and other compliance standards.
OUT-OF-THE-BOX SIEM INTEGRATION
SecureSphere WAF can easily integrates with most of the leading Security Information and Event Management (SIEM) systems such as Splunk, ArcSight, RSA enVision and others. SecureSphere WAF exports events as syslog messages in Common Event Format (CEF) and JSON format. SecureSphere WAF events in any SIEM are intuitively indexed and are easily searchable for quick incident response.