Web Application & API security solution
Web Application Firewall
Web Application Firewall
Protect your web applications and APIs needed for the growth of your digital business against a variety of web-based attacks
AIONCLOUD protects your business with Web Applications & API protections
The web is vulnerable. Because the HTTP/HTTPS ports must always be open to show the Web to clients, various attacks can be introduced through them. MONITORAPP’s web application firewall, AIWAF is specialized for traffic-based detection of hacking attempts using vulnerabilities in the Web and for controlling access to servers. Web attacks are evolving every day, causing malicious traffic or falsifying request information. Only WAF that does not stop ongoing development to respond to new types of web attacks can do the right thing. The answer is AIWAF in MONITORAPP.
Protect both Application and APIs
As the use of the cloud increases, security issues in web applications and APIs are emerging, and attacks targeting them are increasing.
MONTIORAPP’s web application firewall is evolving from a traditional web security platform to Web Application & API Protection (WAAP), which integrates API security, DDoS protection, and bot management. Secure your business assets against advanced cyber threats with a stronger MONITORAPP AIWAF.
Delivers secure business environment
Robust security with application security- optimized AIOS and world-leading proxy technology
Patented Adaptive profiling technology and threat intelligence AICC interworking to defend against unknown web attacks
Provides a variety of operational convenience features and intuitive, granular reports that minimize complex policy setup and management
Provides a variety of configurations, including inline mode and reverse proxy mode, and delivers security services with the same performance as virtual appliance and SECaaS
Defends fully any attack through the web.
The AIWAF of MONITORAPP can defend against any attack through the web, from DDoS attacks to OWASP 10 vulnerabilities, to NIS 8 vulnerabilities SQL injection / XSS attacks, to web shell attacks. Because MONITORAPP has the best technologies for protecting web applications. Adaptive profiling technology is a self-learning provisioning technology that enables the creation and application of automated WEB security policies. Self-learning profiling implements profile DB based on the normal request/response of the web server and blocks abnormal requests from sources to minimize false or false information. So here's one of the threat intelligence platform based on machine learning, AICC (application insight cloud center) dictionary by sharing real-time threat intelligence collection, analysis server has to work with.: This allows you to detect threats in advance and preemptively defend the unknown Attack. Enhanced security with bot detection, CAPTCHA authentication and blacklist DB, bypass access IP detection, multi-encoded attack detection, DBMS error detection, and HTTPS traffic handling.
Typical web attacks being defended by AIWAF
- Malware Infection Detection
- SQL Injection
- Vulnerable Page Access
- Malicious File Access
- Scanner/Proxy/Spambot Detection
- Upload Malicious File Access
- Command Injection
- Cookies falsified
- Header Vulnerability
- File system Access
- Web Server/Application Vulnerability
- Directory Access
Enjoy the best performance without slowing down your web services
AIWAF's transparent proxy technology is implemented as a proxy type without changing the existing network configuration. High-performance packet processing and load balancing algorithms maximize the performance of high-capacity traffic. It has SSL traffic handling, but it automatically scans non HTTP traffic, bypasses, and accelerates through Web caching to ensure maximum performance without sacrificing speed. Fail-open and fail-over features for non-disruptive delivery of Web services, and automatic by-pass function ensure web service availability in the event of a web service failure due to performance limits.
▲ AIWAF function process flow
Provides intuitive UI and detailed dashboards.
AIWAF UI is designed to be intuitive and easy to manage for security personnel. User satisfaction is maximized with a convenient interface, intuitive controls, visible reports of attacks and traffic, and monitoring of web server service health.
Multi-domain management allows multiple security officers to create independent and different security policies for their assigned domains. Setting security policies and contents related to system operation, such as dashboards and reports, are also provided independently.
Over 14 years focusing on WAF
AIWAF has already been recognized for its performance as it has been supplied to more than 4,000 public institutions and financial institutions at home and abroad. BMT has proven performance that surpasses domestic and foreign competitors, and it is being supplied to the first financial group, the virtual currency exchange, and large public institutions to expand its global customer base.