Key features of DenyAll Web Application Firewall

With DenyAll Web Application Firewall, protect your web sites & applications from defacement, denial of service, data leakage, identity theft and intrusion attempts.

key features of Web Application Firewall

Visual Policy

Workflow-based configuration and policy visualization provides an intuitive and productive environment for admins.

Visual Policy

Configuring policy is as simple as dropping boxes and dragging arrows. Changes are made in a few clicks. Policy can be easily understood by managers, even if they are not application security experts.

Management APIs

WAF deployment can be industrialized via an API, increasing time-to-market and agility, while reducing cost of ownership.

Management APIs

Automate key administrative tasks, from the initial creation of tunnels and applications, the configuration of policy, and on-going monitoring and reporting activities.

Web Security

Combine negative and positive security models to effectively prevent known and unknown attacks (zero-day).

Web Security

ICX’s generic blacklist signatures, based on known attack techniques, block key OWASP Top 10 attacks such as injections, scripts, etc. Combine it with application learning and whitelisting for maximum security.

Behavior Analysis

Monitor user activity in context to prevent attacks targeting the application logic and block abnormal behavior.

Behavior Analysis

Configurable time-based checks help prevent authentication brute force and application-layer denial-of-service attacks, while preconfigured filters limit bots and search engine crawler requests.

App Learning

Discover all pages and understand the structure of the web application you need to protect against web attacks.

Application Learning

Check all incoming URIs, each parameter and all possible values to understand how the site works. Add rules to validate other parts of incoming requests, such as headers.

Log Replay

Test new security policies using logged traffic to reduce false positives. And to perform forensics analysis on attacks.

Log Replay

Use WAF or web server logs to simulate the data running through a new version of the security policy, before validating it, make sure legal requests are not blocked. Or understand what happened, after the fact.

Virtual Patching

Fine-tune policy based on the outcome of a vulnerability scan until the full remediation of the vulnerabilities.

Virtual Patching

Test the efficiency of your WAF policy using DenyAll Vulnerability Manager. Integrate the scan report into DenyAll WAF to virtually patch application-layer vulnerabilities and prevent exploits.

Extensibility

Extend the security to XML traffic (DenyAll Web Services Firewall) and Web Single Sign On (DenyAll Web Access Manager).

Extensibility

DenyAll WSF adds Web Services specific security features. DenyAll WAM handles Web SSO for users, beyond the authentication methods supported by our WAF (client certificates, SAML, Radius, LDAP)

Certification & Awards

DenyAll is trusted by 600 demanding customers in all sectors of activity and awarded for its innovation and reliability.

Logo ANSSI

Certified by ANSSI (CSPN)

The French national agency for information security has certified DenyAll Web Application Firewall (WAF) for its first level security certification.
Logo France Cyber Security Label

Label France Cybersecurity

DenyAll is awarded “France Cybersecurity Label” by the French government, which proves the quality and performance of our Web Application Firewall (WAF).
Logo Gartner Application Security

Gartner’s Magic Quadrant

In the 2015 edition of Gartner’s Magic Quadrant for Web Application Firewalls, DenyAll is identified as a Visionary, thanks to its innovation in security.

Why choose DenyAll Web Application Firewall?

Discover why relying on DenyAll WAF is the right decision for you.

  • Ease of Administration

    Because you need your administrators to be productive and agile, not loose time in unnecessarily complex, repetitive tasks.

  • Effective Security

    Because you need to actually block application-layer attacks and don’t want another false positive-prone intrusion detector.

  • Application Security Innovation

    Because you know old recipes don’t work and want to take advantage of innovative approaches in application security.

  • WAF-DAST Integration

    Because you need to discover those unprotected, vulnerable web applications and protect them at the lowest possible cost.

  • Ubiquitous Security

    Because you need to protect all web applications, be they on premise or in the cloud, business critical or not.

  • NextGen Application Security

    Because protecting your IT requires an integrated solution, combining scanning, web application & services security and user access.

Form Factors

Deploy your Web Application Firewall (WAF) anywhere, even in the cloud.

HARDWARE

Dell appliance bundles

DenyAll appliances offer price/performance choice that meet the IT needs of small and large companies. No installation needed, it takes only a few minutes to deploy a WAF.

SOFTWARE

Virtual machine (VM)

The software relies on a CentOS Linux operating system which has been specifically optimized and hardened to meet the requirements in terms of security and performance.

CLOUD

Cloud-based solution

DenyAll takes application security to the cloud and is delivering its WAF on the Amazon Web Services marketplace, on Microsoft Azure and on many OpenStack platforms

AS A SERVICE

Cloud Protector

Leveraging the scalability of the cloud, Cloud Protector removes the need for technical expertise and simplifies the steps required to protect and accelerate any web site.

Additional resources

More information about DenyAll Web Application Firewall.

“NextGen WAF” white paper

Whitepaper Web Application Firewall

DenyAll Web Access Manager

Datasheet DenyAll Web Access Manager

DenyAll Web Services Firewall

Datasheet DenyAll Web Services Firewall

DenyAll Appliances

Datasheet Appliances

Talk to a DenyAll Security Expert Today!