Mikiri WAF

Mikiri WAF is a New Generation Web Application Firewall designed to protect websites, online stores, personal accounts, portals, marketplaces, APIs, and other web applications from compromise attacks, parasitic bots, and other OWASP threats.

Mikiri WAF uses unique technologies for detecting parasitic activity, is easily configured via API and web interface, and accurately detects attacks with minimal false positives. Mikiri WAF is flexibly scalable, and specialized components such as API Firewall, vulnerability scanner, and others provide a comprehensive solution for web application and API security.

Mikiri WAF is a modern solution that incorporates both the functionality inherent to application-level firewalls and additional threat-mitigation mechanisms, including anti-bot protection and other important defense mechanisms.

CHOOSE YOUR PLAN

LIGHT

Basic WebApp protection.
Signature Analysis. Bot protection.

Common

  • On-premises software
  • No software restrictions on traffic volume and RPS
  • Access to IP Geolocation base and Threat Intelligence feed
  • Deployment in a virtual environment as a Docker containers

Installation and scaling

  • Reverse proxy operating mode
  • Active-Active and Active-Passive clustering
  • Fault-tolerant operation of components
  • Multi-node installation support
  • Multi-tenancy mode
  • Canary method: setting up delayed application of new settings for component server groups

Attacks detection

  • OWASP-class threats protection
  • Malicious bots protection
  • Anti-bot mode: smart client verification
  • Web scraping protection
  • Virtual Patching (signature based)
  • 0-day vulnerabilities exploitation protection (signature based protection)
  • Retrospective traffic analysis

Request analysis

  • HTTP/1.1, HTTP/2, HTTP/3
  • WebSocket, gRPC, REST (RESTful), SOAP over HTTP
  • HTML5, JSON, XML, GraphQL, multipart/form-data
  • Blocking requests based on attack indicators
  • Checking RFC compliance requests
  • Multiple normalization and deep inspection
  • Hardware-supported SSL/TLS termination

Additional features

  • Getting detailed information about an IP address
  • Personalizing the page for blocked requests
  • Malicious bots protection
  • Data Masking (PCI DSS Requirement)

Logs and Events

  • Centralized collection of information on detected attacks/anomalies
  • Obtaining information about detected attacks/anomalies using the web interface and API

Third-party systems integrations

  • Third-party Threat Intelligence feeds integration
  • Third-party Anti-DDoS services integration
  • Third-party antivirus systems integration via ICAP
  • Any CAPTCHA service integration

BUSINESS

Standard WebApp and API protection.
ML Analysis. API Firewall.

Everything in Light, plus:

Attacks detection

  • ML analysis
  • API Firewall
  • Virtual Patching (signature based and ML generated)
  • 0-day vulnerabilities exploitation protection (signature and ML based protection)
  • Client behavioral activity analysis

Logs and Events

  • Obtaining component operation logs using the web interface and API
  • Mikiri WAF component operation events to third-party systems integrations
  • Obtaining information about the current state of hardware resources of Mikiri WAF servers using the web interface and API
  • Obtaining information about detected attacks/anomalies using the web interface and API

ENTERPRISE

Advanced WebApp and API protection.
Request and Response Analysis. Vulnerability Scanner. More opportunities.

Everything in Business, plus:

Response analysis

  • HTTP/1.1, HTTP/2, HTTP/3
  • WebSocket, gRPC, REST (RESTful), SOAP over HTTP
  • HTML5, JSON, XML, multipart/form-data
  • Blocking responses based on attack indicators
  • Blocking attacker access to an already compromised system.

Additional features

  • Mikiri WAF Scanner (vulnerability detection and attack verification using a built-in dynamic analyzer)
  • Collecting request processing statistics (statistics on response codes, blocking types, cache access, BL/WL etc.)
  • Collecting traffic statistics (incoming and outgoing traffic)

FAST and ACCURATE

Through combined analysis and an intelligent approach, Mikiri WAF quickly and accurately detects attacks on web applications:

  • Signature method’s attack detection time from 0.001 sec.
  • The time of detecting attempts to download viruses from 0.015 sec.
  • Machine learning module’s attack detection time from 0.07 sec.
  • API Firewall module’s attack detection time from 0.003 sec.

PRICING AND LICENSING MODEL

The price of Mikiri WAF is determined by the selected tariff plan, the number of additional Filters (additional licenses), and the number of additional behavioral models. A machine learning model improves attack detection accuracy; a separate behavioral model is required for each domain.

TRY IT FOR FRE

Mikiri WAF has many advantages:

  • Web Application and API Security;
  • Analysis of both requests to the web server and responses from it;
  • Machine learning module for zero-day attack detection and false positive suppression;
  • Manage web server and WAF settings via API and web interface;
  • Possibility to roll back to previous settings;
  • Vulnerability scanner and virtual patching system;
  • Anti-bot and advanced bot protection;
  • Masking of sensitive data, including the ability to set your own masking template;
  • Full analysis of HTTP(s) (versions 1, 2, 3), as well as WebSocket and gRPC (protobuf);
  • Support for multi-tenancy and clustering;
  • Scalability, no restrictions on traffic volume and number of requests;
  • A full-fledged boxed version, resistant to cross-border blocking or data transfer restrictions;
  • Detailed and structured technical documentation.

Test Mikiri WAF for free by sending a request for a trial version to [email protected] (requests are accepted only from corporate email).