Author: admin

  • Privacy Policy

    Effective Date: May 22, 2026

    1. General Provisions

    This Privacy Policy (hereinafter referred to as the “Policy”) governs the collection, processing, use, storage, and protection of personal data and other information of visitors and users of the websites mikiri.ai and docs.mikiri.ai (hereinafter collectively referred to as the “Websites”), operated by Mikiri Security, LLC (hereinafter referred to as the “Company”, “we”, “us”, or “our”).

    We are committed to protecting your privacy and process personal data in compliance with the Law of the Republic of Armenia “On Protection of Personal Data” dated May 18, 2015 No. HO-49-N, as well as other applicable legal acts of the Republic of Armenia.

    For users from the European Union, we also take into account the principles of the EU General Data Protection Regulation (GDPR) where relevant. For users from CIS countries, we adhere to the requirements of the applicable national legislation and this Policy.

    2. Data We Collect

    2.1. Data You Provide Voluntarily

    When submitting a request forms on the Websites, you may provide:

    • First and last name
    • Email address
    • Phone number
    • Company name (if provided)
    • Message or additional information related to your request
    • Other information you choose to share

    2.2. Data Collected Automatically

    • IP address
    • User-Agent (browser and operating system information)
    • Data about your activity on the Websites (visited pages, time spent, interactions)
    • Cookies and similar tracking technologies (see Section 8)

    3. Purposes of Personal Data Processing

    We process your personal data for the following purposes:

    1. Processing and responding to your requests for piloting the On-premises WAF.
    2. Communicating with you regarding your inquiry, providing consultations, product demonstrations, and support.
    3. Improving the functionality and user experience of the Websites.
    4. Statistical analysis and analytics of website traffic.
    5. Sending marketing and commercial communications (only with your consent or where permitted by law).
    6. Compliance with legal obligations under the legislation of the Republic of Armenia and other applicable laws.

    4. Legal Basis for Processing

    The processing of your personal data is based on:

    • Your explicit consent (obtained when you submit the form);
    • Performance of a contract or pre-contractual measures (responding to your pilot request);
    • Legitimate interests of the Company (security, service improvement, business communication), provided they do not override your rights and freedoms;
    • Compliance with legal obligations.

    Under Armenian law, consent is a primary legal basis for processing. You may withdraw your consent at any time.

    5. Data Sharing and Transfers

    We do not sell your personal data to third parties.

    We may share your data only in the following cases:

    • With service providers (hosting, CRM, email services, analytics) acting on our behalf and bound by data protection obligations.
    • In the event of company reorganization, merger, or acquisition (with appropriate safeguards).
    • Upon lawful request by authorized state bodies of the Republic of Armenia or other countries in accordance with applicable law.

    International Transfers: Since users may come from the EU, CIS and other regions, personal data may be transferred and processed outside Armenia. We ensure an adequate level of protection through contractual safeguards (such as standard contractual clauses) or other appropriate mechanisms in line with Armenian law and GDPR principles (where applicable).

    6. Data Storage and Retention

    We store your personal data for as long as necessary to achieve the purposes stated in this Policy, or as required by the legislation of the Republic of Armenia.

    After the expiry of the storage period or upon your justified request, your data will be deleted or anonymized.

    7. Your Rights as a Data Subject

    In accordance with the Law of the Republic of Armenia “On Protection of Personal Data” and, where applicable, GDPR, you have the right to:

    • Access your personal data
    • Rectify inaccurate or incomplete data
    • Request deletion of your data (“right to be forgotten”)
    • Withdraw consent
    • Object to processing (particularly for direct marketing)
    • Restrict processing
    • Data portability (where technically feasible)

    To exercise these rights, please contact us using the details in Section 11. We will respond within the time limits established by law.

    8. Cookies and Tracking Technologies

    We use:

    • Strictly necessary cookies — for proper functioning of the Websites;
    • Analytical cookies — to analyze traffic and improve the Websites (e.g., Google Analytics or similar);
    • Functional cookies — to remember your preferences.

    You can manage cookie preferences through your browser settings. Note that disabling necessary cookies may affect the functionality of the Websites.

    9. Data Security

    We implement appropriate technical, organizational, and administrative security measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction.

    10. Changes to This Privacy Policy

    We may update this Policy from time to time. The current version is always available on the Websites.

    11. Contact Information

    For any questions regarding the processing of your personal data, please contact us at:

    Mikiri Security, LLC
    [email protected]

    You may also contact the Personal Data Protection Agency of the Ministry of Justice of the Republic of Armenia if you believe your rights have been violated.

    Consent

    By using our Websites and submitting forms, you confirm that you have read and understood this Privacy Policy and agree to the processing of your personal data on the terms set forth herein.

  • Mikiri WAF

    Mikiri WAF is a New Generation Web Application Firewall designed to protect websites, online stores, personal accounts, portals, marketplaces, APIs, and other web applications from compromise attacks, parasitic bots, and other OWASP threats.

    Mikiri WAF uses unique technologies for detecting parasitic activity, is easily configured via API and web interface, and accurately detects attacks with minimal false positives. Mikiri WAF is flexibly scalable, and specialized components such as API Firewall, vulnerability scanner, and others provide a comprehensive solution for web application and API security.

    Mikiri WAF is a modern solution that incorporates both the functionality inherent to application-level firewalls and additional threat-mitigation mechanisms, including anti-bot protection and other important defense mechanisms.

    CHOOSE YOUR PLAN

    LIGHT

    Basic WebApp protection.
    Signature Analysis. Bot protection.

    Common

    • On-premises software
    • No software restrictions on traffic volume and RPS
    • Access to IP Geolocation base and Threat Intelligence feed
    • Deployment in a virtual environment as a Docker containers

    Installation and scaling

    • Reverse proxy operating mode
    • Active-Active and Active-Passive clustering
    • Fault-tolerant operation of components
    • Multi-node installation support
    • Multi-tenancy mode
    • Canary method: setting up delayed application of new settings for component server groups

    Attacks detection

    • OWASP-class threats protection
    • Malicious bots protection
    • Anti-bot mode: smart client verification
    • Web scraping protection
    • Virtual Patching (signature based)
    • 0-day vulnerabilities exploitation protection (signature based protection)
    • Retrospective traffic analysis

    Request analysis

    • HTTP/1.1, HTTP/2, HTTP/3
    • WebSocket, gRPC, REST (RESTful), SOAP over HTTP
    • HTML5, JSON, XML, GraphQL, multipart/form-data
    • Blocking requests based on attack indicators
    • Checking RFC compliance requests
    • Multiple normalization and deep inspection
    • Hardware-supported SSL/TLS termination

    Additional features

    • Getting detailed information about an IP address
    • Personalizing the page for blocked requests
    • Malicious bots protection
    • Data Masking (PCI DSS Requirement)

    Logs and Events

    • Centralized collection of information on detected attacks/anomalies
    • Obtaining information about detected attacks/anomalies using the web interface and API

    Third-party systems integrations

    • Third-party Threat Intelligence feeds integration
    • Third-party Anti-DDoS services integration
    • Third-party antivirus systems integration via ICAP
    • Any CAPTCHA service integration

    BUSINESS

    Standard WebApp and API protection.
    ML Analysis. API Firewall.

    Everything in Light, plus:

    Attacks detection

    • ML analysis
    • API Firewall
    • Virtual Patching (signature based and ML generated)
    • 0-day vulnerabilities exploitation protection (signature and ML based protection)
    • Client behavioral activity analysis

    Logs and Events

    • Obtaining component operation logs using the web interface and API
    • Mikiri WAF component operation events to third-party systems integrations
    • Obtaining information about the current state of hardware resources of Mikiri WAF servers using the web interface and API
    • Obtaining information about detected attacks/anomalies using the web interface and API

    ENTERPRISE

    Advanced WebApp and API protection.
    Request and Response Analysis. Vulnerability Scanner. More opportunities.

    Everything in Business, plus:

    Response analysis

    • HTTP/1.1, HTTP/2, HTTP/3
    • WebSocket, gRPC, REST (RESTful), SOAP over HTTP
    • HTML5, JSON, XML, multipart/form-data
    • Blocking responses based on attack indicators
    • Blocking attacker access to an already compromised system.

    Additional features

    • Mikiri WAF Scanner (vulnerability detection and attack verification using a built-in dynamic analyzer)
    • Collecting request processing statistics (statistics on response codes, blocking types, cache access, BL/WL etc.)
    • Collecting traffic statistics (incoming and outgoing traffic)

    FAST and ACCURATE

    Through combined analysis and an intelligent approach, Mikiri WAF quickly and accurately detects attacks on web applications:

    • Signature method’s attack detection time from 0.001 sec.
    • The time of detecting attempts to download viruses from 0.015 sec.
    • Machine learning module’s attack detection time from 0.07 sec.
    • API Firewall module’s attack detection time from 0.003 sec.

    PRICING AND LICENSING MODEL

    The price of Mikiri WAF is determined by the selected tariff plan, the number of additional Filters (additional licenses), and the number of additional behavioral models. A machine learning model improves attack detection accuracy; a separate behavioral model is required for each domain.

    TRY IT FOR FRE

    Mikiri WAF has many advantages:

    • Web Application and API Security;
    • Analysis of both requests to the web server and responses from it;
    • Machine learning module for zero-day attack detection and false positive suppression;
    • Manage web server and WAF settings via API and web interface;
    • Possibility to roll back to previous settings;
    • Vulnerability scanner and virtual patching system;
    • Anti-bot and advanced bot protection;
    • Masking of sensitive data, including the ability to set your own masking template;
    • Full analysis of HTTP(s) (versions 1, 2, 3), as well as WebSocket and gRPC (protobuf);
    • Support for multi-tenancy and clustering;
    • Scalability, no restrictions on traffic volume and number of requests;
    • A full-fledged boxed version, resistant to cross-border blocking or data transfer restrictions;
    • Detailed and structured technical documentation.

    Test Mikiri WAF for free by sending a request for a trial version to [email protected] (requests are accepted only from corporate email).