Secure your web apps & APIs with Blindspot WAAP

Blindspot's Web Application and API Protection (WAAP) is a cloud service protecting your web applications and APIs by filtering HTTP/S requests. What sets it apart is its adeptness to the unique structure of the specific application, ensuring a tailored defense every time.

WAAP is a cybersecurity essential in today's digital landscape

70 %

web applications use third-party code

80 %

web traffic goes through the API

Enhanced security for your web applications

Full coverage of OWASP Top-10 attacks and OAT

Deploy using application path or DNS

Quick and easy implementation

Elevated protection for your API

Avoiding app unavailability due to broken API

Protecting your APIs from attacks

We won't allow sensitive information to leak through your API

How Blindspot's WAAP secures your digital assets

Blindspot delivers comprehensive DDoS protection, encompassing state-of-the-art components essential for robust attack detection and mitigation. Our solution extends to safeguarding web applications and APIs through meticulous filtering, monitoring, and blocking of malicious HTTP/S requests.

Our mechanism operates by assessing each incoming request, determining its intent, and accordingly, either blocking or allowing its passage to the web server. This vigilant evaluation is further bolstered by the support of our expansive global network and strategically located data centers, ensuring a fortified defense perimeter around your digital assets.

Scoring analysis to recognize request type

Blindspot's WAF operates on a scoring mechanism, enabling the identification of various attacks along with their variants. This systematic scoring is not static; it evolves continually through the application of a machine learning algorithm. This dynamic updateability facilitates the discernment between benign and malicious requests, as well as between legitimate and malicious bots, enhancing the accuracy and responsiveness of our protection framework.

Do you want to know technical details?

Shield against OWASP common attacks and more with Blindspot's WAAP

Two Flexible Paths to Implementing WAAP

WAAP Secure Path

Instant implementation and you don't have to do anything

You do not share your data

Instant implementation and you don't have to do anything

It does not protect against any DDoS attacks

WAAP Cloud

Use our cloud service to filter requests.

Learn more about the requirementsLearn more about the requirements

Protection against DDoS attacks at the application layer

Necessity to redirect IP addresses to our cloud

Frequently asked questions

As your application receives requests through the underlying service, these requests are channeled to the Blindspot security engine for assessment against the defined rules. If a request aligns with a condition set forth in the rules, Blindspot WAAP instructs the underlying service to either block or allow the request, based on the designated action. Blindspot WAAP operates on both positive and negative security models.

Blindspot WAAP (Web Application and API Protection) is a specialized service engineered to fortify web applications against a myriad of threats. It empowers users to configure rules to authorize, block, or monitor web requests based on specific parameters. These parameters include IP addresses, HTTP headers, HTTP body content, URI strings, and common vulnerabilities like SQL injection and cross-site scripting.

Whitelisting: This model employs an "allow list", utilizing machine learning and behavioral analytics to discern the traffic that the WAAP authorizes, while blocking all other traffic.

Blacklisting: Contrarily, a "block list" is utilized here, referencing updated signatures of recognized vulnerabilities to designate the traffic that the WAAP denies, permitting all other traffic.

Hybrid Approach: This methodology combines both positive and negative security models, employing a blend of allow and block lists to determine the traffic that's granted passage.

Blindspot WAAP offers a robust shield against prevalent digital threats and targets application-level vulnerabilities, including the top 10 risks pinpointed by OWASP. Some examples are:

Cross-Site Scripting (XSS): A tactic where adversaries inject malicious scripts into authentic websites. Upon user visitation to these tainted sites, the malicious code executes in their web browsers, facilitating data theft or user impersonation by the attackers.

Application Layer DDoS Attacks: These denote DoS or DDoS assaults targeting the application layer, with common variants like HTTP/S floods, SSL-driven attacks, slowloris attacks, and brute force methods.

SQL Injection: Similar to XSS in execution, attackers exploit vulnerabilities to inject malicious SQL commands into an application, leading to unauthorized data access, modification, or deletion.

Zero-Day Attacks: Occur when malevolent entities leverage an undisclosed security lapse or software vulnerability before the developer releases a remedial patch.

The necessity for setup alterations depends on customer requirements. Blindspot WAAP supports two models – In-Line and/or Out Of Path, eliminating the need for fundamental infrastructure modifications.

Want todiscover more?

David HnátSecurity

Get in touch

Form was successfully submited