Web Application Firewall (WAF) is a one-stop AI-based risk prevention solution for web business operations. It can identify malicious traffic with the aid of AI and rule engines to protect websites and further improve the website security and reliability. By leveraging bot behavior analysis, it can defend against malicious access requests and safeguard core website businesses and data.
Tencent Cloud provides two types of on-cloud WAF, namely, SaaS WAF and CLB WAF. They have basically the same security protection capabilities but different connection methods.
WAF can effectively prevent SQL injection, cross-site scripting (XSS), trojan upload, unauthorized access, and other OWASP attacks. In addition, it can also provide all-around protection for website systems and businesses by effectively filtering CC attacks, providing zero-day vulnerability patches, and preventing webpage tampering.
|AI + WAF||Web attack recognition is based on AI + rules. It is anti-bypass and low in both false negative and false positive rates. Web attack recognition defends effectively against common web attacks, including the OWASP top 10 web security threats (SQL injection, unauthorized access, cross-site scripting, cross-site request forgery, web shell trojan upload, etc).|
|Virtual zero-day vulnerability patching||The 24*7 monitoring service from Tencent security team identifies and responds to vulnerabilities proactively. Within 24 hours, it issues virtual patches to zero-day and high-risk web vulnerabilities. Protected users can get zero-day and emergency vulnerability protection instantly and automatically, shortening vulnerability response time dramatically.|
|Web tampering protection||You can cache core web contents to the cloud and publish cached web pages. This acts like a substitute and can prevent negative consequences of web page tampering.|
|Data leakage protection||Backend data is well protected by pre-event server and application concealing, mid-event attack prevention, and post-event sensitive data replacement and concealing.|
|CC attack protection||Smart CC protection intelligently generates defense policies based on the real server's abnormal responses (such as timeout and response delay) and website behavior big data analysis. It supports multidimensional custom accurate access control, intelligently and effectively filters malicious access requests, and defends against CC attacks with measures such as CAPTCHA and frequency control.|
|Crawler and bot traffic management||The AI + rules-based webpage crawler and bot management feature help you avoid business risks caused by malicious bot behaviors, including website user data leakage, content infringement, competing price comparison, inventory search, malicious SEO, and business strategy leakage.|
|30 BGP lines for access protection||With its 30 dedicated BGP lines for protective nodes, WAF supports smart node scheduling to effectively solve the issues with access delay to ensure high access speed in metropolises and small towns. It implements cloud-based security protection without compromising the website access speed.|
WAF can effectively protect website systems and businesses of enterprises in the following use cases.