Comprehensive Security
for Web Assets and APIs
Hillstone W-Series Web Application Firewall
High-Performance Web App Firewall Defends Against OWASP Top 10 Threats
Hillstone W-Series Web Application Firewall (WAF) provides enterprise-class, comprehensive security for web servers, applications and APIs. It defends against attacks at both the network and application layers, providing protections against DDoS, the OWASP Top 10 threats, and bot attacks, to list a few examples. In addition, the WAF validates APIs against the schema defined in OpenAPI, and automatically generates positive security model policies to detect and defend against attacks and misuse.
Hillstone’s app firewall combines traditional rules-based detection with innovative semantics analysis. This dual-engine approach significantly increases accuracy while minimizing false positives by creating a context-aware analysis engine. Hillstone WAF also leverages machine learning technology to fine tune security policies and block unknown threats and attacks. Furthermore, logs can be automatically aggregated across multiple dimensions, allowing admins to easily identify suspicious anomalies or locate false positives, and then further refine policies as needed.
Hillstone Web Application Firewall Value Proposition
Comprehensive Web Application Security
Hillstone Web Application Firewall (WAF) provides complete security of web-based applications and APIs for enterprises and other organizations. It detects and defends against attacks at both the network layer (such as DDoS attacks, flood attacks, scan and spoof, etc.), and at the application layer (such as the OWASP Top 10 risks including injection attacks, cross site scripting (XSS) attacks, injection, etc). Hillstone WAF automatically discovers web servers and related assets and puts them under protection. With this capability, Hillstone WAF covers the entire web estate even when it scales, which helps improve operational efficiencies and deliver faster time-to-value.
Advanced API Protection
As the digital transformation continues to evolve, APIs play a more and more important role in application development and integration. The popularity of APIs potentially exposes additional attack surfaces, such as excessive data exposure, lack of resources and rate limiting, injection and XSS attacks among API calls, etc. Based on the schema defined in the OpenAPI files, Hillstone WAF helps validate and generate positive security model policies to detect those threats in APIs.
Improved Detection Accuracy and Efficiency with Dual Engines
Hillstone WAF integrates the industry’s most innovative semantics analysis with traditional WAF detection engines. Combined with traditional rules-based detection, the semantics analysis engine helps further detect threats like SQL injection and cross site scripting, and minimizes false positives by creating contextual awareness. Hillstone WAF’s recursive decoding capability also detects attacks that are obscured by multiple layers of encryption. This dual-engine approach significantly improves the accuracy of detection and efficiency in operation.
Rich Logs for Intelligent Analysis and Reporting
Hillstone Web Application Firewall provides administrators and operators high visibility and comprehensive reports with threat analysis, traffic analysis, attack breakdown and threat control. Its log aggregation capability allows logs to be aggregated from multiple dimensions, which helps operators easily identify suspicious anomalies or find false positives from logs, and then tune the policies accordingly.
Machine-Learning-Driven Security Rule Optimization and Unknown Attack Defense
In addition to general protection based on rules and scripts for known attacks, Hillstone WAF’s auto-learning capability helps mitigate unknown threats to protect specific applications from zero-day attacks. Its ML-based model learns from the data of normal traffic such as parameter length, cookie, HTTP methods, etc., tunes itself based on the test results as well as input from administrators, and continues updating the learning models and optimizing Web Application Firewall rules as applications evolve. It significantly reduces operational overhead by eliminating the troubleshooting of false positives and manual policy tuning.
Featured Hillstone WAF Resources
Recent Blog Articles
Leveling Up Your Security Game: What’s New in Recent BDS Releases
HSM 5.6.0: Taking Centralized Management to the Next Level
Learn more about Hillstone’s Web Application Security Solutions
Engage with us to learn more or see a demonstration by contacting your local authorized Hillstone Networks reseller.