Kubernetes WAF

Native Kubernetes WAF

Prophaze Kubernetes WAF can be deployed on all types of environments, including public cloud, private cloud, and on-premise. It is a native WAF for Kubernetes that secures microservices across Kubernetes clusters from malicious or illegitimate traffic and requests. Prophaze Kubernetes WAF secures your Kubernetes deployment from OWASP Top 10 Vulnerabilities by running inside your Ingress Controller.

How Kubernetes WAF Works?

Prophaze Kubernetes WAF is an Enterprise Grade Kubernetes Web Application Firewall that is deployed as a microservice along with your other components. It will work alongside with cloud load balancer and filters all the incoming traffic towards your API services.

Use the Helm chart to create or update your ingress controller in your cluster. Prophaze can help with dedicated onboarding of the WAF controller in your cluster.

Latest Threat Database:- Prophaze Kubernetes WAF comes with daily updated rules and signature databases. Have access to dozens of premium signature database, and supported by International Security Researchers

Prophaze KubeWAF is updated with

• Latest Threat Database
• Real time Monitoring System
• Live Alerts
• Updated DDoS Protection Rules
• Protection Against Bad Bots which Eats Bandwidth

AI-Based WAF:- EagleEye servers equipped with Artificial Intelligence-based tools that monitor every request and categories those based on their previous threat score and takes a decision to route that traffic.

Payload Scanning:- Prophaze EagleEye is a new generation web application firewall which intelligently tracks down the malicious request into your Web APIs. It uses multiple attack detection algorithms to monitor all the incoming requests and will pass only legitimate requests to the host server.

Real-time Dashboard:- EagleEye comes with ‘to the point dash’ so the necessary information needed for monitoring the protection is available.

• Real-time Monitoring System
• Live Alerts of incidents
• Reporting with filtering
• View and Send reports via email or via slack alerts

API Security

Public, private, or partner-facing APIs have a key role in accelerating digital transformation. However, many organizations, including large enterprises, have relatively immature API security programs, thus creating a completely new attack surface. Your DevOps team can validate and deploy secure custom APIs based on OpenAPI specifications directly from the dashboard. Prophaze creates a positive security model to validate only the traffic you want to access your APIs is enforced and protects all your API endpoints. Prophaze API security is a vendor-agnostic solution supporting the leading API gateways.

> Automatic positive security model to enforce consistent boundary checking for API requests
> Test APIs for misconfigurations, logic manipulation, and input validation
> Distinguish between legitimate and malicious payloads and bots
> Use regular expressions to enforce required parameters in the message body
> Rate limiting incoming and outgoing traffic
> Integration with leading API Management vendors
> Decode Open API (Swagger) files, header and body payload
> Decode all the data formats including nested and encoded custom API protocols, such as JSON inside Base64 encoding

Automated Security Policy

Prophaze AI profiles web objects, form fields, context-based application logic and behavior, payload contents, static attributes of processes, files, and previous threat scores and automatically generates and continually updates application-specific security policy: blacklisting, whitelisting, virtual patching, response filtering and blocking.

Security teams need only fine-tune the automated security policy for specific activities and behaviors of applications and users with custom rules, updating black and whitelisting, limiting geolocation, and rate-limiting.

Automatic security policy:

• Blacklisting
• Whitelisting
• Virtual patching
• Response filtering
• Blocking

Integrations

Prophaze extends your security tech stack by routing notifications directly to communication products Slack and Microsoft Teams, to security and event management products Splunk, to security monitoring Datadog and send alerts via webhooks to existing workflows, and export events as Syslog messages, Common Event Format (CEF) and JSON format.

> SIEM – Splunk
> Monitoring – Datadog
> Communications – Slack, Teams

Prophaze WAF Features

Through automation and artificial intelligence, Prophaze WAF makes it possible for you to implement a holistic cybersecurity strategy designed to protect all your web assets, including applications, services, APIs, and endpoints, from all types of threats no matter which environments they are running. Prophaze WAF uses an AI-based firewall that can detect and block illegitimate traffic, algorithmic attacks, and exploited vulnerabilities in real-time before they reach your applications, APIs, and Kubernetes microservices.

The WAF service gives you the capability to protect your web assets from various types of threats, vulnerabilities, and attack vectors. For instance, it can detect, analyze, and block DDoS traffic coming from malicious networks of bots. Prophaze WAF also doesn’t permit traffic and requests sent by brute force, scraping, exploit, and API abuse bots to pass through your public cloud, private cloud, or on-premise networks.

 

> Holistic Threat Protection > Bot Traffic Blocking > Anti-DDoS Protection > API Security Management > Algorithmic Attacks > Server & Application Vulnerabilities > AI-Based Firewall > Dashboard > Threat Investigation

> Automated Security Policies > Virtual Patching > Flexible Deployment > Native Kubernetes WAF > Security Technology Stack Integration > Real-Time Security Alerts > Threat Intelligence > Server Health Monitoring