WAF & API Gateway
Centralized WAF management. Zero-downtime rule control.
A unified platform for deploying and operating Web Application Firewalls — built on Caddy, Coraza, and the OWASP Core Rule Set. Live configuration, enterprise logging, and full SIEM integration without the fragmentation.
Platform features
Every layer of WAF operations, under one roof
OWASP CRS Protection
Per-rule enable/disable controls, paranoia levels 1–4, and anomaly scoring — tune the OWASP Core Rule Set precisely for your application without blanket overrides.
Detection Mode
Log requests without blocking during rollout. Identify false positives safely in production before flipping to enforcement — no surprises, no downtime.
Custom Rules
Write ModSecurity SecLang rules directly in the platform. Structured rule builders, request-based allowlists, webhook bypasses, and IP-based access restrictions all supported.
Enterprise Logging
Real-time event streaming with client IP, URI, and matched rule detail. GeoIP enrichment, severity assessment, and analytics across attacking IPs, triggered rules, and block rates.
GeoIP Country Blocking
IPv4 and IPv6 country blocking powered by MaxMind GeoLite2. Dynamic CIDR computation requires no recompilation and adds minimal processing overhead per request.
Security Headers
Automatic injection of HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, and Cross-Origin-Resource-Policy on every response.
TLS Management
Automatic Let's Encrypt certificate issuance and renewal, custom certificate upload, and backend TLS validation — all managed from a single interface.
Alerting & Integration
Rate and block-count threshold alerts, anomaly score spike detection, and delivery via Slack, webhook, or SMTP. Syslog RFC5424 and HTTPS POST keep your SIEM pipeline fed.
Ready to bring your WAF operations under one roof?
Request access Frequently asked questions
Search keywords..
What is the WAF platform built on?
Can I tune rules without taking the WAF offline?
How does Detection Mode help during initial deployment?
How does the WAF integrate with our existing SIEM?
Didn’t find the answer you were looking for?
Contact us, we’re here to help