1. What is the difference between WAF and kuberenetes containers?
    • WAF is legacy based WAF.
    • Prophaze WAF is more customized with unique features like automated rules
    • Required 15 minute for deployment
    • First company to have WAF on Kubernetes
    • Core Indian company,
    • Signature WAF based but ml based
    1. What’s the uniqueness of WAF?
    • Ease of deployment
    • Customer support is responsive within 1hr
    • We can scale up based on customer requirement.
    • Can detect anomalies and Bot.
    • Kubernetes deployment – hence its very easy to deploy for the clients who are using Kubernetes.
    1. How Prophaze WAF different from others?

    Our architecture is built on Kubernetes which makes it very easy to scale up and to integrate into existing k8 architecture.
    Our WAF is one of the few that uses k8s advanced architecture for maximum leverage. Also apart from the regularly updated static rules what sets us apart is the machine learning module which learns the user behavior on the web application and identifies the bots that are not real users and prevents attacks

    1. How does the container architecture will benefit the customer?

    It just the matter of one line command. Prophaze is the first distributed arch (Kub WAF), packaged as a stand-alone WAF.

     

    1. What are the types of deployments?
    • Cloud
    • Server
    • Serverless
    • PaaS
    • Containers

     

    1. Where we are deploying?

    It depends on customer. We have SaaS version too. All type installation is ok, mainly keeping 2 type deployment.

    1. How to onboard it if it is needed now?

    Only 15 min required with needful inputs

    1. What all changes do we need to make for onboarding?
    • Currently, we can do the onboarding with very minimal downtime,
    • What the client needs to do is add a CNAME record to their DNS manager, by deleting the existing one.
    • And provide us with the domain name and endpoint IP address that was first present in the DNS record.

     

    1. Does the Prophaze WAF support HTTPS?

    Yes the WAF does support HTTPS, the SSL certificate is created by the WAF itself, which is an automated process that happens after the initial onboarding process. Also if the customer wants, they can import their existing SSL certificate to our WAF.

    1. Does your WAF support SIEM integrations?

    Yes, Prophaze does support all the major SIEM integrations. As per your preference, we can also support other integrations.

    We have connection with IBM/ SPLUNK etc… Our architecture is flexible and can integrate with any custom solution, and can do it based on customer requirement

    1. How many rules u r keeping?

    2000 rules as of now

    1. Where the hosting happens: on cloud or premises?

    Have both, however we are preferring cloud only

    1. Any specific clouds to host?

    No, Prophaze can be deployed in any cloud servers

    1. How do u mange multi-tenant deployment?

    Prophaze handles multi-tenant deployment by default

    1. Is the manually done this patching?

    It automated patching within WAF

    1. Is that something customizable rules?

    Yes, we have a fully customized rule page where the user can

    1. Is the dashboard accessible to customer?

    Yes, ACCESSIBLE TO CUSTOMER. Also you can download all the attack traffic data as CSV or PDF etc.

    1. Whatever patching you are doing or fixing, is there any option to know the details for customer?

    We do not do any patching on the customer side we look for zero day exploits and the open source codes that is used might have vulnerabilities. We do a quick patch as in block the request on the WAF side only we do not tamper with the customer application

    1. Coming to the app based attacks, coming to zero day what is the capacity/time frame you are providing?

    alla re based on signature base. We are on behavioral based solution. We are understanding the tech and business use case and we are analyzing it profiling, and this profiling is adapting to the ml based algorithm that how we are dealing with the zero day.

    1. Where will you store customer data?

    We do not store any customer data at all we only deal with the metadata like IP address request URI content header and all in a In house database

    1. How do u inject logs into your system?

    Prophaze don’t take a customer data logs, only tracking the access logs.

    1. Will a client having an application in Europe be routed through your servers in the Asia region?

    Prophaze offers the SaaS model, where the WAF is installed on our own servers, we have multiple instances running around the world. We can route the traffic of the application through the servers which are in close proximity to it, thereby reducing latency.

    1. Difference between regular (AWS/AZURE) n Prophaze WAF?

    The AWS WAF and Azure WAF usually comes pre-built , these are the very basic WAFs available in the market , Prophaze has a lot more to offer apart from regularly updated static rules our Machine Learning module learns the user behavior overtime and finds bots that attack the app .
    As per Prophaze architecture we can integrate with any APIs and can enable SIEMS integration as well.