Catch22 WAF provides full-time protection for your websites and applications by analyzing all traffic and only allowing legitimate and authorized access. Simply:
Catch22 WAF is designed to require zero-touch configuration, and to continue getting smarter as it is used. Traffic is constantly analyzed to profile behavior, detect inconsistencies, and determine reputation, leveraging advanced intelligence algorithms and expert security analysts. Every attack makes our WAF smarter and even more secure from emerging threats..
All incoming traffic is constantly measured and if a threshold is exceeded an attack is suspected and all traffic is challenged to verify it is coming from a human.
Block attackers from injecting client-side scripts into web pages to bypass typical access controls and dupe end users.
State-of-the-art detection technologies, including device fingerprinting, protects against automated traffic with an unparalleled level of precision and control.
Protect against malicious SQL statements being entered into input fields and executed by an underlying SQL database of a vulnerable website or application.
Policies protecting against the top ten security threats identified by the Open Web Application Security Project active by default.
Catch22 WAF comes with an extensive set of smart policies, but you can create sophisticated rules to meet your specific needs, based on traffic data including URL requested, IP, country, and more, or data from within the Catch22 platform such as traffic rates.
An easy-to-use rules editor makes it simple to select and define rule variables and the actions the rule should put into effect.
Custom rules are deployed and activated globally at your push of a button. No more waiting for someone else respond to a ticket or request.
Catch22 WAF automatically protects against Layer 7 DDoS attacks, the largest and most common types of attacks. The WAF measures and analyzes all traffic coming through it; if a domain threshold, burst threshold, or sub-second burst threshold (all of which can be customized) is exceeded the WAF suspects an attack and challenges traffic to verify it is coming from a human.
Predefined thresholds can be configured per domain, allowing protection to be customized to the domain’s acceptable traffic profile.
Known legitimate traffic sources, like search engines, are allowed through even during a DDoS attack.
Catch22 provides real-time insights into your website traffic and security events.
Get real-time insights into your web application security events.
Catch22 provides information about the country and organization your visitors are coming from.
You don’t need to be a security expert to analyze your web application security events, full details about each event are available within the WAF event management.
Information about the top threat actions, origins and the most active rules provide an extra layer of info that will help you get more insights about the malicious traffic that was blocked.
Catch22 WAF runs in all of our edge locations around the world, providing your websites and applications global security in one single service.
Get CDN, WAF, DNS, and Monitoring all in one package. First month free on select Plans.