PT Application firewall (WAF)

Web applications continue to be a popular target for attackers. As our studies have shown, every fifth attack is aimed at the web resources of organizations, most often government and medical institutions, online services, organizations in the field of science and education, and IT companies.

PT Application Firewall protects web applications from external attacks and prevents attackers from exploiting vulnerabilities. Using a combination of security technologies, the solution prevents both known attacks and zero-day attacks.

 

KEY FEATURE

  • Blocks mass and targeted attacks 
  • Quickly integrates into infrastructure
  • Adapts to protected applications

 

Advantages

Supports business continuity.

PT Application Firewall protects against application layer DDoS attacks (L7), exploitation of vulnerabilities associated with errors in the business logic of applications.

Minimizes the risk of information leakage.

PT Application Firewall blocks modern web application attacks, including those in the OWASP Top 10 and WASC classifications, and uses machine learning algorithms to block zero-day attacks.

Helps to meet the requirements of the standards.

PT Application Firewall helps you comply with PCI DSS and other international, national, and corporate security standards. The solution is registered in the register of Russian software, has a valid FSTEC certificate of Russia and a certificate of conformity of the Republic of Kazakhstan. 

 

PT Application Firewall

  1. Detects complex multi-phase attacks
  2. Protects against application layer DDoS attacks
  3. Automatically detects application vulnerabilities
  4. Protects against attacks on application users
  5. Counteracts malicious bots
  6. Prevents downloading malware
  7. Blocks zero-day attacks
  8. Performs virtual patching

 

IMPLEMENTATION SCHEMES:

SNIFFER

Traffic copy analysis. Traffic is forwarded to PT AF from the switch's SPAN port

REVERSE PROXY SERVER

Interception and decryption of traffic, blocking attacks

TRANSPARENT PROXY SERVER

Breakthrough connection in the traffic path between the client and the web server as an L2 bridge

 


About Positive Technologies

Positive Technologies is a leading global provider of information security solutions. Over 2,300 organizations worldwide use technologies and services developed by our company. Positive Technologies is the first and only company in Russia to go public on the Moscow Exchange (MOEX: POSI).

For 20 years, our mission has been to counter hacker actions before unacceptable damage is done to a business or entire industries.

Our new class of solutions—metaproducts—focuses on the results-oriented approach to cybersecurity. Metaproducts detect and stop attacks in automatic mode with the help of just one person. Positive Technologies’ first metaproduct, MaxPatrol O2, automatically detects and prevents attacks before unacceptable damage is done to the company. MaxPatrol O2 can replace the entire team of a security monitoring center, and it only takes one person to manage it; all in all, this protection system requires minimum knowledge and effort from a specialist.

To demonstrate that the results-oriented approach to information security truly works, we conduct cyberexercises (on our own infrastructure as well as others’) and publicly test our products. Our solutions are based on the research experience and expertise of several hundred information security experts.