Tencent Cloud Web Application Firewall (WAF) is an AI-based, one-stop web service protection solution. It uses the AI+ rules dual engine to identify malicious traffic and improve website security and reliability. In addition, it performs BOT behavior analysis to protect against malicious access behaviors and ensure the security of core services and data of websites.
WAF is available in two types: SaaS-based WAF and load-balanced WAF. The two types provide essentially the same security protection capabilities but differ in access method.
The WAF service can effectively prevent SQL injection, cross-site scripting (XSS), trojan upload, unauthorized access, and other OWASP attacks. In addition, it can provide all-round protection for website systems and services by effectively filtering out CC attacks, detecting DNS link hijacking, providing zero-day vulnerability patches, and preventing web page tampering.
|Feature|Description|
|---|---|
|AI+ web application firewall|Using web attack identification based on AI+ rules, with anti-bypass capability and low false negative and false positive rates, this service precisely and effectively defends against common web attacks, such as SQL injection, unauthorized access, XSS, cross-site request forgery (CSRF), Webshell trojan upload, and other OWASP Top 10 web security threats and attacks.|
|Virtual patching for zero-day vulnerabilities|The Tencent security team provides 24/7 monitoring to uncover and respond to vulnerabilities. It distributes virtual patches for high-risk web vulnerabilities and zero-day vulnerabilities within 24 hours of detection. Protected users obtain the defense capability against emergency vulnerability and zero-day vulnerability attacks without performing any operation, which significantly shortens the response cycle.|
|Anti-tampering of web pages|Users can cache core web page content to the cloud and publish the cached web pages as a substitute. This helps protect organizations against the negative consequences of web page tampering.|
|Data leakage prevention|WAF provides ex-ante server application hiding, real-time intrusion prevention, and ex-post sensitive data replacement and hiding policies to prevent backend databases from being hacked.|
|Defense against CC attacks|WAF provides intelligent defense against CC attacks. It generates defense policies through intelligent decision-making based on the exceptional responses (timeout and response delay) of the real server and big data analysis of website behaviors. In addition, it provides multi-dimensional, custom, and precise access control, human-machine identification, frequency control, and other countermeasures to efficiently filter out unwanted access and mitigate CC attacks.|
|Crawler BOT behavior management|Based on the AI+ rules repository, WAF provides web page crawler and BOT management to help enterprises mitigate business risks caused by malicious BOT behaviors. These risks include website user data leakage, content infringement, competitive pricing, inventory query, black hat SEO, and business strategy disclosure.|
|DNS illegal hijacking detection|WAF performs nationwide DNS verification on the domain names submitted by users, and detects and displays the hijacking details of the protected domain names in each region. This helps enterprises avoid the data theft and financial loss caused by malicious hijacking of website users.|
|30-line BGP IP access protection|WAF supports dedicated 30-line BGP IP link access for defense nodes. The nodes are scheduled intelligently, which effectively solves the access delay problem and ensures the site access speed of users in all tiers of cities. This allows cloud WAF security protection to be deployed imperceptibly, without affecting the website access speed.|
In the following scenarios, the WAF service can provide effective defense and prevention against risks, and ensure system and business security of enterprise websites.