Web Application Firewall
Quttera's Cloud-Based Web Application Firewall (WAF) filters all incoming traffic to your website or application. Provided as a part of the ThreatSign! Website Anti-Malware platform Quttera's WAF blocks malicious visitors and requests like SQL injections, XSS, and other application-layer attacks as well as unknown (zero-day) threats.

A traditional firewall is application-agnostic. It filters traffic based on origin, protocol, and well-known patterns. Increasingly, though, attackers go after vulnerabilities in applications and content management systems. A conventional firewall won't recognize those threats. A WAF knows about application-specific attacks and stops them from getting through.
Tens of thousands of websites are hacked every day, many of them belonging to small businesses. Websites are popular targets because they're exposed to outside access and they offer a chance to cheat all the people who visit the sites. Strong protection is necessary to keep a website safe from the constant barrage of attacks.

Quttera's unique threat detection technology powers WAF traffic filtering rules, which are maintained by a dedicated team of seasoned security professionals. Our scanners are continually crawling the web and scanning millions of URLs for malware each month, and we use the information on detected threats and potentially suspicious activity to update the protection of our entire customer community immediately.

How it works
Quttera WAF proactively secures your website from cyber attacks. It monitors all incoming traffic and analyzes the requests before passing them on to your site. It filters out the traffic from known malicious resources and continuously adapts to the evolving threats to identify new, suspicious requests. Quttera WAF is a managed service that protects from application layer attacks.

We offer two easy deployment options. Endpoint WAF is installed next to the protected website, using a PHP hook on the website host. DNS WAF runs on our WAF server, receiving and filtering all requests before they reach your Web server. Each of these options has advantages, depending on your needs.
Endpoint WAF requires local installation, but it benefits from its inside position. It can directly view the website environment and configuration settings. It can see all the websites on the server, and it sees application parameters in exactly the way the Web applications do. All traffic goes through the WAF, with no way to bypass it.

DNS WAF requires no installation, only a change in DNS settings so that our server receives all traffic sent to your IP addresses. Traffic which is flagged as malicious never reaches your server. Our infrastructure stops it from going any further. In addition to stopping hostile packets, this will mitigate many kinds of DoS attacks. Our infrastructure is certified ISO 27001 compliant. Adding HTTP filtering to block attempts to bypass the WAF is strongly recommended.
In either configuration, Quttera WAF complements the toolset of the vital defenses provided by the ThreatSign! Website Anti-Malware platform to ensure all-around protection for your website.

Attack Protection
Quttera WAF protects against a wide range of application security threats including:
  • OWASP Top 10
  • Virtual Patching
  • Security Misconfiguration
  • Shell Code
  • XML External Entities
  • Vulnerability Exploit
  • Brute Force protection
  • Bots (any kind of agent filtering)
  • GEO location blocking
  • Prevent upload of malicious files
  • XSS blocking
  • Injection
  • Generic Attack

Rules
To protect against today's constantly evolving web-based attacks, a global ruleset is continuously updated with Quttera's threats intelligence database crowd-sourced from a worldwide network. Flexible, level-based configuration of the rules allows detailed customization according to your specific security needs. The default ruleset can be further adjusted by applying customer-level (e.g., domain-specific) rules and whitelisting based on parameters such as IP, URL, geo-data, REGEX, severity level, etc.

Virtual Patching
You can't always patch applications as soon as their vulnerabilities are known. Quttera WAF provides additional protection with virtual patching, also known as external patching or just-in-time patching. A virtual patch is a WAF rule that mitigates a specific vulnerability, even if the publisher hasn't issued a patch or it hasn't been installed. The code running in your application isn't modified.

We deploy the patch to the WAF as soon as it's available, so that you're immediately protected without having to stop and update your software. You should still keep your software up to date, but virtual patching closes the window of vulnerability and lets you schedule updates more conveniently. You get reduced risk and less downtime.

Native Quttera Technology
  • Threat Intelligence from Quttera Labs & Heuristic engine
  • Alert only when there is a real threat
  • Updated when a new/unknown threat is detected

Support
Current version of the Endpoint WAF supports any web server running PHP. We plan to support other environments in later releases.
Protect Your Website
Website Cleanup & Malware Removal
Customers Showcase
ThreatSign! Documentation