Modern attacks must have a competitive defense due to their evolving and dynamic nature. Attackers are now employing novel attack strategies (Zero-day attacks, Bot attacks, etc…) to breach unsuspecting systems. This makes it difficult to be defended by conventional WAFs which offer protection only to known attacks (signatures).

Conventional WAFs face typically two major obstacles. One is the possibility of false positives from various scenarios in the application, impacts the operation of the application. The likelihood of successful execution of unidentified attacks poses a further difficulty. Conventional WAFs typically use negative security model which involves blocking only what is known to be malicious. In case a new attack occurs, whose signature is not identified, it will be let through. On the other hand, the positive security model allows only what is non-malicious and everything else gets blocked.

Prophaze WAF has an intelligent core which uses an adaptive positive security model to regulate web traffic to the application. The application is profiled continuously using various machine learning and deep learning techniques to learn and understand what the legitimate traffic looks like. This is used as a reference in classifying whether an incoming request is malicious or not. Prophaze WAF blocks various threats like Zero-day attacks, DDoS, Bot attacks, and more.