Today’s businesses depend on web applications to perform functions critical for business operations and growth; and since they’re exposed to the internet, threat actors are constantly trying to exploit web apps to gain access to organization’s networks or impact their operations. A web application firewall is the cornerstone of an effective web application security strategy. The enhanced Fortra Managed WAF provides the tools you need to protect your web apps and APIs from compromise, which allows internal resources to focus on application development in confidence.
“Experience tells us that protecting web apps is critical for businesses as they are the most targeted asset, accounting for 53%1 of all attacks last year,” said Josh Davies, Fortra’s Alert Logic Principal Technical Marketing Manager. “With 54%2 of organizations reporting monthly unplanned downtime due to an attack, having a web application firewall that blocks attacks targeted at web apps and APIs is imperative. With the Fortra Managed WAF, businesses have proactive protection, keeping web apps online by combining advanced threat protections with true security expertise, managed tuning, false positive resolution, and industry-leading threat intelligence.”
Realizing security outcomes requires true expertise and robust processes, Fortra Managed WAF allows customers to realize our new and enhanced security features, including:
- Advanced Application Protections — Protects web applications from web-based exploits using behavior based and rules-based policies, including coverage for OWASP top 10 for both web application and API.
- API Discovery and Protections — Discovers APIs automatically and protects them from application attacks with targeted policies informed by automated API discovery and mapping.
- Bot Management — Session anomaly detection and other controls protect against automated attacks and unwanted data scraping.
- Credential Attack Protection — Puts protections in place against brute force and credential stuffing attacks using CAPTCHA, rate limiting, and blocking to detect and prevent using stolen credentials.
- Emerging Threat Protection — Uses a combination of advanced threat protection, machine learning, anomaly detections and expert security policy optimization. Our forward-thinking policies have demonstrated success in blocking zero-day attacks as well as providing mitigations against the most challenging threats to detect and block.
- Fortra Threat Intelligence — Combines leading threat intelligence feeds with insights from tens of thousands of customers to track the evolution of tactics and techniques in the web security space as well as maintaining a repository of active malicious actor IP addresses and attack campaigns which can be used for source discrimination.
- Managed Virtual Patching — Managed creation and automated application of virtual patches for 100+ top applications that protect vulnerable systems from exploitation, keeping an environment secure between patch cycles.
“With our managed WAF, customers have advanced application and API threat protection, optimized for their applications by our highly skilled web security experts,” said Davies. “Our enterprise-grade features and protection allow organizations of any size to achieve true security value.”
Fortra Managed WAF Solution Available to All Organizations
In addition to its new and enhanced features, Fortra Managed WAF is now available as a standalone product offering. “After the success of providing managed WAF as an add-on for our MDR customers, we decided to open the solution up to every organization, regardless of whether they are a Fortra’s Alert Logic MDR customer,” explained Davies. “With Fortra Managed WAF, new customers can obtain the web security benefits and expertise without having to be an MDR customer. Now any organization can get enterprise-grade web application and API protection with Fortra’s advanced web protections and expert management.”
Additional WAF Resources
- Solution Brief: Managed Web Application Firewall
- Blog: What is a WAF?
- Blog: Web App Security: Insights from the Frontline
- Video: What is a WAF?