Web Application Firewall

On-Demand’s Managed Web Application Firewall (WAF) service provides real-time, continuous web application protection and security that protects web sites, servers, and applications. Providing continuous 24x7x365 security monitoring, On-Demand tunes and manages the WAF protection configuration (rules & policies) that protect systems and web applications from exploitation and data leakage.

If the code on your webserver is up to date, patches are applied as soon as they become available and you are doing regular Vulnerability Testing , you can get away with not utilizing a WAF…maybe. In todays typical website environment, where websites are sometimes being updated, changed, application addons added and removed, etc on A daily or weekly basis, security holes can be inadvertently exposed. A well managed WAF is added protection. The best way to think of it, as "Virtual Patch".


Features for security

White Listing

Some Core rules can be too strict for some websites, which can cause the website to not function properly. In such cases Whitelists allow you to use some forbidden symbols and rules when you need them. A white list can be applied site wide or on a particular URI.

Maintain Uptime

Complement network DDoS defenses with protection against HTTP-based attacks. Avoid corruption of apps,prevent loss of revenue and preserve customer satisfaction

Protection against OWASP Top 10 Threats

WAF protects against the most critical web application security risks, such as SQL injection, cross-site scripting, other OWASP Top 10 threats. It also ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your application and improve website performance.


Talk to our WAF expert to get started with.