BI.ZONE WAF
Expert managed web application firewall
Service overview
Modern web applications are complex systems of interconnected software components and technologies. Each newly implemented or integrated feature exposes your application to additional threats.
For a minimal cost, BI.ZONE WAF provides proactive defense against most attacks targeted at web applications and their users
For a minimal cost, BI.ZONE WAF provides proactive defense against most attacks targeted at web applications and their users
1 in 15
requests to an application is malicious
2nd
most popular way to gain initial access to an IT infrastructure is by exploiting web applications
Capabilities
Multilayered web application and API security
Detects the OWASP Top 10 security risks at all nesting layers, taking into account the different data types within the HTTP request
User data protection
Prevents session hijacking, DOM based XSS, brute‑force attacks, and cross‑site request forgery (CSRF)
L7 DDoS attack protection
Blocks denial-of-service attacks using behavioral and correlation analysis, and by monitoring web application health metrics
Bot mitigation
Performs behavioral checks (JS Challenge, CAPTCHA) on the user side, thus detecting automated activity
Outsourced management
Implements a custom protection profile developed by our experts for each web application
Service tasks
Solution deployment and support
We undertake full configuration and operation of BI.ZONE WAF and provide 24/7 incident monitoring and response
Infrastructure scaling
We enable a transparent scaling process of the BI.ZONE WAF components as the load on the web application increases
Security policies configuration
We configure individual security policies with due account of the application business logic
False positives detection and elimination
We analyze the traffic processing results for your web application, identify false positives, and adjust the filtering process, where necessary
Advantages
Easy integration with your infrastructure in just several days to a month
Ready-to-use IT infrastructure at no capital expenses
Reduced operating expenses
Minimized financial and reputational risks
Decreased incident response time
How it works
Service control and maintenance is carried out by our specialists.
You can view the statistics and the efficiency of the service in your personal account. Our experts are on standby to help you change any configurations or solve other issues that might arise
You can view the statistics and the efficiency of the service in your personal account. Our experts are on standby to help you change any configurations or solve other issues that might arise
Personal account
Try it out
-
We will arrange a demo meeting and answer your questions
-
We will help you throughout the 30‑day trial period
You might also need
Cloud
BI.ZONE WAF is deployed in the BI.ZONE cloud. It hosts filtering nodes, a personal account, and a centralized management system
Hybrid
The filtering nodes are deployed in your infrastructure, in front of the protected web application, while the centralized management system and personal account are hosted in the BI.ZONE cloud
Publications
|
BI.ZONE WAF counters new vulnerability in Confluence
May 27, 2024
|
Read | |
|
BI.ZONE WAF responds to multiple Formidator WordPress plug‑in vulnerabilities
April 27, 2024
|
Read | |
|
BI.ZONE WAF addresses two critical vulnerabilities in JetBrains TeamCity software
March 12, 2024
|
Read | |
|
BI.ZONE WAF handles five vulnerabilities in GitLab
January 18, 2024
|
Read | |
|
BI.ZONE WAF guards against new WordPress vulnerability
November 22, 2023
|
Read | |
|
BI.ZONE WAF counters critical vulnerability in Confluence
October 19, 2023
|
Read |
April 2024
Fewer false positives, better threat detection.
Core updates
- Improved attack detection rules. We have updated the detection rules to ensure a broader threat coverage and reduce false positives. Now BI.ZONE WAF is better at repelling path traversal, SSTI, web shell file uploading, HTTP response smuggling, and other attack techniques and their variations. The number of false positives has gone down by half.
- New CVE detection rules. Since the beginning of the year, we have developed and introduced nearly 30 rules to contain attacks exploiting critical vulnerabilities and exposures in Confluence, GitLab, and other applications protected by BI.ZONE WAF. This helps secure your applications prior to the release of their official updates.
- Better attack detection in HTTP request bodies. We have expanded the list of data formats supported by the BI.ZONE WAF rules. Thanks to that, the solution has become better at detecting threats in the body of an HTTP request.
- Enhanced fault tolerance. We have optimized the core and improved load balancing in the simultaneous BI.ZONE WAF and BI.ZONE AntiDDoS use scenario. Now, in case of availability issues, service recovery will be even faster.
Interface updates
- Improved map in Attack statistics. We have enhanced it to include heat map functionality: darker shades now indicate countries with higher attack volumes. Additionally, hovering over a country highlights its territory with a hatch pattern. We have also improved map granularity and added countries with very small territories.
- Optimized operations with exclusions. While this update is only available to the BI.ZONE WAF team, you will also notice the change—fewer false positives. Thanks to a simplified filtering rule setup, there is now less room for human error.
- Extended opportunities for working with users and organizations
. Changing your password, reviewing available permissions, or checking your personal data stored at BI.ZONE WAF—now all these operations are available via My profile page. If you belong to multiple organizations, you can now easily switch between them. Previously, the user was by default linked to the organization that appeared first on their list. - Optimized filters. Now analyzing information has become more convenient. We have updated the attack log and dashboard filtering parameters with more relevant ones. We have also got rid of redundant filter operators and added tooltips for the parameters that require clarification.
- New section names. Some sections have received new names that better reflect their content and capabilities: Event log → Attack log, Web application monitoring → Request statistics. We have also renamed one section for brevity: My reports → Reports.
June 2023
BI.ZONE WAF now works faster, and the interface offers more features and useful information.
Core updates
- Faster filtration. We have optimized the filtering node performance. Now BI.ZONE WAF is much quicker at analyzing the traffic of the protected web applications.
Interface updates
- Improved event logging. In addition to grouping events, now you can select the sorting order within a group. Event grouping takes less time, which is particularly noticeable with large volumes of entries.
- More informative statistics. The Web application monitoring section now has an RPS MAX indicator to assess the maximum number of requests per second, excluding traffic surges. The indicator is calculated based on the 95th percentile. Other charts now display the total value for the selected period instead of the average per second.
- Text fixes. We have fixed terminology inconsistencies in the interface.
December 2022
The service runs faster, is easier to manage, and includes a new section.
Core updates
- Optimized filtering node. We have introduced multiple changes in request decoding processes and updated rule mechanisms, improving component interaction for greater stability and speed.
Interface updates
- Expanded statistics viewing. The Web application monitoring section now enables the filtering of statistical data by domains of any level (not just second-level domains).
- Sensitive data masking. Previously, data in user HTTP requests was stored in plaintext. Now it is masked with asterisks or other special characters.
- Report emailing. The new My reports section enables the emailing of attack detection and web application performance reports. You can configure both one-time and scheduled reporting in PDF or CSV.
- Faster event grouping. Operations with groups in the event log now take much less time, even with large volumes of entries.
- English interface. We have finalized the English version of the interface.