Storm's Web Application Firewall (WAF) is an intelligent gateway that qualifies traffic to your web application. Malicious visitors and traffic are blocked or redirected, even when masked as legitimate traffic. With a WAF you're protected against attacks like cross-site scripting (XSS), SQL injections, remote file inclusion and execution, and more.
Log into the Storm Security Centre and activate your Web Application Firewall in a few clicks. Pre-configured rule sets protect against common and less common forms of attacks, which means less work and more end-to-end application security.
Custom WAF rule support comes standard with Storm's PCI-DSS 3.2 compliant CloudFlare package. Easily whitelist legitimate traffic and reduce false positives for more accurate organisation-specific protection of your critical applications and data.
Storm's Web Application Firewall delivers learned intelligence from threats detected and blocked across 10,000,000 websites. New threats are automatically added to your active rule set, delivering 24/7 cutting-edge protection.
OWASP ModSecurity Core Rule Set (CRS) delivers WAF attack prevention based on broad consensus critical security risks. Protection against the OWASP Top Ten list of critical threats is automatically included. OWASP project members consist of security experts from around the world who share their expertise.