Key features of DenyAll Web Application Firewall

With DenyAll Web Application Firewall, protect your web sites & applications from defacement, denial of service, data leakage, identity theft and intrusion attempts.

key features of Web Application Firewall

Visual Policy

Workflow-based configuration and policy visualization provides an intuitive and productive environment for admins.

Visual Policy

Configuring policy is as simple as dropping boxes and dragging arrows. Changes are made in a few clicks. Policy can be easily understood by managers, even if they are not application security experts.

Management APIs

WAF deployment can be industrialized via an API, increasing time-to-market and agility, while reducing cost of ownership.

Management APIs

Automate key administrative tasks, from the initial creation of tunnels and applications, the configuration of policy, and on-going monitoring and reporting activities.

Web Security

Combine negative and positive security models to effectively prevent known and unknown attacks (zero-day).

Web Security

ICX’s generic blacklist signatures, based on known attack techniques, block key OWASP Top 10 attacks such as injections, scripts, etc. Combine it with application learning and whitelisting for maximum security.

Behavior Analysis

Monitor user activity in context to prevent attacks targeting the application logic and block abnormal behavior.

Behavior Analysis

Configurable time-based checks help prevent authentication brute force and application-layer denial-of-service attacks, while preconfigured filters limit bots and search engine crawler requests.

App Learning

Discover all pages and understand the structure of the web application you need to protect against web attacks.

Application Learning

Check all incoming URIs, each parameter and all possible values to understand how the site works. Add rules to validate other parts of incoming requests, such as headers.

Log Replay

Test new security policies using logged traffic to reduce false positives. And to perform forensics analysis on attacks.

Log Replay

Use WAF or web server logs to simulate the data running through a new version of the security policy, before validating it, make sure legal requests are not blocked. Or understand what happened, after the fact.

Virtual Patching

Fine-tune policy based on the outcome of a vulnerability scan until the full remediation of the vulnerabilities.

Virtual Patching

Test the efficiency of your WAF policy using DenyAll Vulnerability Manager. Integrate the scan report into DenyAll WAF to virtually patch application-layer vulnerabilities and prevent exploits.


Extend the security to XML traffic (DenyAll Web Services Firewall) and Web Single Sign On (DenyAll Web Access Manager).


DenyAll WSF adds Web Services specific security features. DenyAll WAM handles Web SSO for users, beyond the authentication methods supported by our WAF (client certificates, SAML, Radius, LDAP)

Certification & Awards

DenyAll is trusted by 600 demanding customers in all sectors of activity and awarded for its innovation and reliability.

Certified by ANSSI (CSPN)

The French national agency for information security has certified DenyAll Web Application Firewall (WAF) for its first level security certification.

Label France Cybersecurity

DenyAll is awarded “France Cybersecurity Label” by the French government, which proves the quality and performance of our Web Application Firewall (WAF).

Gartner’s MQ for WAFs

In the 2017 Magic Quadrant for Web Applications Firewalls, Gartner underlines the ease of use and in-depth security features of DenyAll WAF.

Why choose DenyAll Web Application Firewall?

Discover why relying on DenyAll WAF is the right decision for you.

  • Ease of Administration

    Because you need your administrators to be productive and agile, not loose time in unnecessarily complex, repetitive tasks.

  • Effective Security

    Because you need to actually block application-layer attacks and don’t want another false positive-prone intrusion detector.

  • Application Security Innovation

    Because you know old recipes don’t work and want to take advantage of innovative approaches in application security.

  • WAF-DAST Integration

    Because you need to discover those unprotected, vulnerable web applications and protect them at the lowest possible cost.

  • Ubiquitous Security

    Because you need to protect all web applications, be they on premise or in the cloud, business critical or not.

  • NextGen Application Security

    Because protecting your IT requires an integrated solution, combining scanning, web application & services security and user access.

Form Factors

Deploy your Web Application Firewall (WAF) anywhere, even in the cloud.


Dell appliance bundles

DenyAll appliances offer price/performance choice that meet the IT needs of small and large companies. No installation needed, it takes only a few minutes to deploy a WAF.


Virtual machine (VM)

The software relies on a CentOS Linux operating system which has been specifically optimized and hardened to meet the requirements in terms of security and performance.


Cloud-based solution

DenyAll takes application security to the cloud and is delivering its WAF on the Amazon Web Services marketplace, on Microsoft Azure and on many OpenStack platforms


Cloud Protector

Leveraging the scalability of the cloud, Cloud Protector removes the need for technical expertise and simplifies the steps required to protect and accelerate any web site.

Customer references

What our customers are saying about DenyAll Web Application Firewall.

Rohde & Schwarz Cybersecurity has enabled us to quickly secure our B2C and B2B sites and to highlight the potential weaknesses of existing applications.
R&S®Web Application Firewall is effective and allows us to block each day a hundred attacks. Both intuitive and easy to use, Rohde & Schwarz Cybersecurity products are also focused on the user experience.
R&S®Web Application Firewall allows us to efficiently protect applications that are behind the reverse-proxy and allows our customers and users to access the servers at all times to access weather data. It also allows us to efficiently decrypt and encrypt their queries.
R&S®Web Application Firewall allows us to continue to develop efficient applications for our customers while guaranteeing maximum security. We were able to reduce the traffic of malicious robots by 70%.
R&S®Web Application Firewall allows us to maintain a high level of security for our internal and external applications while remaining in line with ANSSI recommendations.
Digitization requires the free exchange of mobile data as well as with our partners and customers. R&S®Web Application Firewall allows us to accompany these changes, with agility while keeping control of flows and without constraining the trades.
R&S®Web Application Firewall based on reverse-proxy technology has enabled us to streamline the publication of our web applications. Coupled with the SSO Web, we were able to strengthen and simplify user access to applications.
The deployment of the ANSSI-certified R&S®Web Application Firewall solution as a cluster guarantees us layer 7 security and high application availability.
R&S®Web Application Firewall makes it easy to break down and introduce new services. It protects our applications and websites quickly and efficiently, ensuring high availability.
The protection of many internal and external applications by R&S®Web Application Firewall meets our security needs and saves us time in publishing new web applications. This solution is embedded in our policy to strengthen the safety of our patients and their data.
Christophe de KervilerChief information security officer
Pascal FremeauxInfrastructure and Security Manager
Jérôme BourgeaisNetwork and Security Department
Pierre SalaveraIT Department
Denis LionnetChief Information Officer
Mathias LargilliereChief information security officer
Jean-François MaureyHead of the digital uses department
Clément SchneiderCo-founder
Bruno ClicqueIT Manager
Fabrice SchindlerNetwork Engineer

Download DenyAll Web Application Firewall Datasheet