Detect and block exploit attacks against web vulnerabilities announced in OWASP Top 10. Use a validated OWASP CRS ruleset.
Detect and block hacking attacks against web with server-side agent software and provides a dedicated central management system for efficient management even in large web server environments.
You can use it without any configuration changes as your web server’s throughput increase, because it is not a hardware-based solution.
Even if our solution stops working, your web service will still be connected, because we are
not a way to bypass your web traffic with a cloud service infrastructure.
F1Security WEBCastle can be easily installed by downloading the Web Firewall Agent software from an intuitive central management system. WEBCastle provides accurate ruleset-based detection and blocking for OWASP's TOP 10. It can run on existing legacy web servers or virtual machines in the cloud. WEBCastle does not send any web traffic to the cloud, so you can use it without worrying about information leaks from service providers.
Detect and block exploit attacks against web vulnerabilities announced in OWASP Top 10. Use a validated OWASP CRS ruleset.
Easy installation with no changes to existing network topology, even no need to change DNS servers.
Built-in real-time dashboard and report generation. Intuitive UI provides convenience. API interworking function for advanced users.
Even with increased web server throughput, you can use the same license fee without any additional cost.
If our agent and service platform are stopped, your web service will not be affected. Does not deliberately bypass any of your web traffic.
No web traffic is inspected via the cloud, just is handled inside a server, there is no worry of data leaking through the service provider’s system.
OWASP Top 10 - 2017 | WEBCastle |
---|---|
A1:Injection | |
A2:Broken Authentication | |
A3:Sensitive Data Exposure | |
A4:XML External Entities (XXE) | |
A5:-Broken Access Control | |
A6:-Security Misconfiguration | |
A7:-Cross-Site Scripting (XSS) | |
A8:-Insecure Deserialization | |
A9:-Using Components with Known Vulnerabilities | |
A10:-Insufficient Logging & Monitoring |
Detect and block attacks in real time on the top 10 most critical web application security risks with a validated OWASP CRS ruleset.
Also can apply user-defined-rulesets for your environment.
You can choose the security level of the attack and the blocking policy after detection. Or, simply use the default settings to get effective protection. As the rapid vulnerability attack changes, Managed rulesets are updated regularly by F1Secuity R&D Lab to provide fast and seamless protection against the latest attack.
After signing up, you can download the agent software from the management console and install it on your web server and enable web security immediately. No troublesome DNS server changes and no network topology changes for hardware installation.
If you change the DNS server's IP address for a proxy-based web application firewall, the change will take several tens to hours to propagate to the Internet. Our software-based web application firewall can use security features immediately after a few minutes of installation without affecting web service access.
We Build, operate, and provide our customers with a central management system in the cloud. But no website access traffic goes through our cloud infrastructure. As a result, our cloud infrastructure failure does not cause any problems for our customers' web services.
Web hacking attack detection and blocking of F1Security WEBCastle is handled inside the web server. Also, for web hacking protection, we do not pass or store any customer web service traffic in our cloud infrastructure, so no web traffic information is leaked from our infrastructure.
Learn moreWe do not need large-scale cloud infrastructure to bypass and handle access traffic to customer websites, and we do not need dedicated hardware equipment to install customer's network. With the software we developed, everything is solved.
As your web server hardware specifications increase, you can use the same license at no extra cost, even if your web traffic throughput improves. On the other hand, if you use hardware-based WAF appliance, proxy-based SECaaS type WAF services, you can incur significant additional costs.
Learn more