Application Shield Feature List

Last update:2022-04-14 08:31:17

Application Shield Feature List

Application Shield combines CDN acceleration, web application firewall (WAF) and DDoS protection in a cloud-based solution, which protects web sites, web applications, and APIs against today’s and tomorrow’s internet threats while providing great performance experience. Application Shield fully covers the OWASP top 10 threats, as well as API attacks and DDoS attacks. It offers fully configurable signature-based policies, as well as Access Control policies and rate-limiting options. Combined with visual dashboards, alerts, and intuitive attack investigation tools, it fulfills the security requirements of the largest and most demanding customers globally.

Applicable Product Lines

  • Application Shield

How It Works

Application Shield is a cloud-based WAF and DDoS protection solution, deployed on CDNetworks global Points-of presence (PoPs) to detect and defend against web attacks in real-time. This happens at the edge of the network, far before the attack can hit, manipulate, or overwhelm the customers’ data centers and origin servers. CDNetworks’huge infrastructure also deflects DDoS attacks, keeping them away from smaller, more vulnerable networks. As customers continue to use the platform, the data gathered is fed to CDNetworks’ big-data system, powered by AI to further process events offline, in near real-time to generate new defense strategies. These strategies are then distributed immediately to all PoPs, making the entire defense infrastructure even more effective.

Key Features and Benefits

Feature Description Benefit
OWASP Top 10 Threats Hundreds of WAF signatures and policies to defend against the top threats, as published by OWASP, Such as injections, directory traversal, XSS and more. Protect your web assets against the most common and most dangerous threats. Protect your data and assets, as well as your users’ private information and devices from being hacked.
DDoS Mitigation Application-layer DDoS mitigation and Network layer DDoS protection Keep your sites and apps durable and always available. Protect your online business from those who may wish to take it down.
Customizable WAF Policy Hundreds of pre-configured signatures and patterns that can be selected to defend your website and application. Hundreds of pre-configured signatures and patterns that can be selected to defend your website and application.
Multiple enforcement modes WAF as a whole, as well as any single policy, can be switched on or off or can be set to work in log mode. Maximum flexibility in deployment and enforcement, easily testing of new policies without potential “false positives”
Advanced rule exceptions Create exceptions to WAF rules by IP address, URI, HTTP headers and other parameters Avoid false-positives and blocking of legitimate users without comprising your application security.
Access Control Policies Defne who is allowed to your web application by IP address, HTTP headers and other parameters Categorially block unwanted users and potential bad traffic to avoid risks.
Rate Limiting Confgure how many HTTP requests are allowed to your backend servers per any given time. Reduce risks of brute-force and other automated attacks.
Visual Dashboard View attack trends on a real-time dashboard, filter by domains, attack types, dates and more parameters Get an immediate and intuitive picture of your security status.
Incident Investigation Search incident log for attacks by IP, attack type, action taken, rule ID, user-agent, country and more parameters. Easily investigate attacks and attack trends. Correlate between events by clickable parameters.