Protect your Kubernetes clusters on cloud and on-premise
Prophaze Kubernetes WAF secures your production Kubernetes deployments without the learning curve or complexity. Prophaze Helm Chart installation replaces the existing ingress controller with Prophaze custom ingress controller in zero downtime. Prophaze Kubernetes WAF is deployed in line with the cloud load balancer as a Kubernetes microservice to inspect packets at ingress level towards API services. It can be deployed within a few hours.
Prophaze WAF provides API security features that prevent cybercriminals, hackers, and fraudsters from exploiting vulnerabilities in APIs. You’ll be able to build a security model that defines the kind of traffic allowed to access your APIs, control the amount of incoming and outgoing traffic handled by APIs, and check your APIs if they validate input data properly, have the right configurations, and are not vulnerable to logic manipulation.
Native Kubernetes WAF
Prophaze Kubernetes WAF can be deployed on all types of environments, including public cloud, private cloud, and on-premise. It is a native WAF for Kubernetes that secures microservices across Kubernetes clusters from malicious or illegitimate traffic and requests. Prophaze Kubernetes WAF secures your Kubernetes deployment from OWASP Top 10 Vulnerabilities by running inside your Ingress Controller.
How Kubernetes WAF Works?
Prophaze Kubernetes WAF is an Enterprise Grade Kubernetes Web Application Firewall that is deployed as a microservice along with your other components. It will work alongside with cloud load balancer and filters all the incoming traffic towards your API services.
Use the Helm chart to create or update your ingress controller in your cluster. Prophaze can help with dedicated onboarding of the WAF controller in your cluster.
Latest Threat Database:- Prophaze Kubernetes WAF comes with daily updated rules and signature databases. Have access to dozens of premium signature database, and supported by International Security Researchers
Prophaze KubeWAF is updated with
- Latest Threat Database
- Real time Monitoring System
- Live Alerts
- Updated DDoS Protection Rules
- Protection Against Bad Bots which Eats Bandwidth
AI-Based WAF:- EagleEye servers equipped with Artificial Intelligence-based tools that monitor every request and categories those based on their previous threat score and takes a decision to route that traffic.
Payload Scanning:- Prophaze EagleEye is a new generation web application firewall which intelligently tracks down the malicious request into your Web APIs. It uses multiple attack detection algorithms to monitor all the incoming requests and will pass only legitimate requests to the host server.
Real-time Dashboard:- EagleEye comes with ‘to the point dash’ so the necessary information needed for monitoring the protection is available.
- Real-time Monitoring System
- Live Alerts of incidents
- Reporting with filtering
- View and Send reports via email or via slack alerts
Public, private, or partner-facing APIs have a key role in accelerating digital transformation. However, many organizations, including large enterprises, have relatively immature API security programs, thus creating a completely new attack surface. Your DevOps team can validate and deploy secure custom APIs based on OpenAPI specifications directly from the dashboard. Prophaze creates a positive security model to validate only the traffic you want to access your APIs is enforced and protects all your API endpoints. Prophaze API security is a vendor-agnostic solution supporting the leading API gateways.
> Automatic positive security model to enforce consistent boundary checking for API requests
> Test APIs for misconfigurations, logic manipulation, and input validation
> Distinguish between legitimate and malicious payloads and bots
> Use regular expressions to enforce required parameters in the message body
> Rate limiting incoming and outgoing traffic
> Integration with leading API Management vendors
> Decode Open API (Swagger) files, header and body payload
> Decode all the data formats including nested and encoded custom API protocols, such as JSON inside Base64 encoding
Automated Security Policy
Prophaze AI profiles web objects, form fields, context-based application logic and behavior, payload contents, static attributes of processes, files, and previous threat scores and automatically generates and continually updates application-specific security policy: blacklisting, whitelisting, virtual patching, response filtering and blocking.
Security teams need only fine-tune the automated security policy for specific activities and behaviors of applications and users with custom rules, updating black and whitelisting, limiting geolocation, and rate-limiting.
Automatic security policy:
- Virtual patching
- Response filtering
Prophaze extends your security tech stack by routing notifications directly to communication products Slack and Microsoft Teams, to security and event management products Splunk, to security monitoring Datadog and send alerts via webhooks to existing workflows, and export events as Syslog messages, Common Event Format (CEF) and JSON format.
> SIEM – Splunk
> Monitoring – Datadog
> Communications – Slack, Teams
Prophaze WAF Features
Through automation and artificial intelligence, Prophaze WAF makes it possible for you to implement a holistic cybersecurity strategy designed to protect all your web assets, including applications, services, APIs, and endpoints, from all types of threats no matter which environments they are running. Prophaze WAF uses an AI-based firewall that can detect and block illegitimate traffic, algorithmic attacks, and exploited vulnerabilities in real-time before they reach your applications, APIs, and Kubernetes microservices.
The WAF service gives you the capability to protect your web assets from various types of threats, vulnerabilities, and attack vectors. For instance, it can detect, analyze, and block DDoS traffic coming from malicious networks of bots. Prophaze WAF also doesn’t permit traffic and requests sent by brute force, scraping, exploit, and API abuse bots to pass through your public cloud, private cloud, or on-premise networks.