Additional Information

Comprehensive Web Application Security
Hillstone Web Application Firewall (WAF) provides complete security of web-based applications and APIs for enterprises and other organizations. It detects and defends against attacks at both the network layer (such as DDoS attacks, flood attacks, scan and spoof, etc.), and at the application layer (such as the OWASP Top 10 risks including injection attacks, cross site scripting (XSS) attacks, injection, etc). Hillstone WAF automatically discovers web servers and related assets and puts them under protection. With this capability, Hillstone WAF covers the entire web estate even when it scales, which helps improve operational efficiencies and deliver faster time-to-value.

Improved Detection Accuracy and Efficiency with Dual Engines
Hillstone WAF integrates the industry’s most innovative semantics analysis with traditional WAF detection engines. Combined with traditional rules-based detection, the semantics analysis engine helps further detect threats like SQL injection and cross site scripting, and minimizes false positives. Hillstone WAF’s recursive decoding capability also detects attacks that are obscured by multiple encoding. This dual-engine approach significantly improves the accuracy of detection and efficiency in operation.

Machine-Learning-Driven Security Rule Optimization and Unknown Attack Defense
In addition to general protection based on rules and scripts for known attacks, Hillstone WAF’s auto-learning capability helps mitigate never-before-seen exploits to protect specific applications from zero-day attacks. Its ML-based model learns from the data of normal traffic such as parameter length, cookie, HTTP methods, etc., tunes itself based on the test results as well as input from administrators, and continues updating the learning models and optimizing WAF rules as applications evolve. It significantly reduces operational overhead by eliminating the troubleshooting of false positives and manual policy tuning.