Our advanced web application and API protection is the next generation of cloud security. It combines the best in emerging technology to give you unmatched visibility, scalability, security, and performance.
Server-side software installs on your infrastructure via public repositories and configuration management tools
Our agents are deployed on your existing infrastructure and perform detection and decisions against requests quickly and accurately
Our modules are an optional but powerful component that pairs with the agents to enforce fail-open functionality
When traffic reaches the server, the module passes the request to the agent which then determines if the request is malicious. The agent responds back to the module to block or log the traffic based on the mode. All detection takes place at the agent level within your infrastructure. The agent collects metadata about the malicious requests it has processed and shares that metadata with the Cloud Engine.
Cloud WAF deployment protects serverless instances and other applications where installing the agent-module pair is not an option. With just a DNS change, all web requests are redirected to the Signal Sciences Cloud Engine where bad requests are detected and blocked. All good, legitimate traffic is then forwarded to the customer’s application origin server.
Our native integrations with Kubernetes as well as Envoy Proxy and Istio service meshes provide visibility into both north-south (client-server) and east-west (service to service) requests. Traditional WAF appliances are hard-pressed to match this level of cloud-native support.