Web Application Firewall

Web Application Firewall

Comprehensive adaptive web application security platform

Key benefits

Real-time traffic analysis

Real-time traffic analysis

Each potential attack is analyzed in real-time to block any malicious requests immediately.
Zero-day attack protection

Zero-day attack protection

Proactive and ML-based analysis helps shield yet unpatched vulnerabilities.
Continuous vulnerability scanning

Continuous vulnerability scanning

Perimeter and security scanners detect vulnerabilities in network infrastructure and services in use.
High-load systems support

High-load systems support

The solution can be scaled to support 100,000 requests per second with no more than a few milliseconds of latency.
Single personal account

Single personal account

All protected applications or clients can be managed from a personal account via a single web interface.
Ease of use

Ease of use

Regular expressions are not needed to set security rules. Even an inexperienced user without special skills can manage the WAF service.

How to get started

Step 1
Get a free check-up
Not sure yet? A free vulnerability check-up will help you decide whether you need to protect web resources.
Step 2
Activate the service
Both service activation and traffic rerouting to the filtering nodes can take no more than a day or two.
Step 3
Create a personal account
After you receive a login and password for your personal account, you can immediately start tracking and controlling your traffic.
Step 1
Get a free check-up
Not sure yet? A free vulnerability check-up will help you decide whether you need to protect web resources.
Step 2
Activate the service
Both service activation and traffic rerouting to the filtering nodes can take no more than a day or two.
Step 3
Create a personal account
After you receive a login and password for your personal account, you can immediately start tracking and controlling your traffic.

WAF in CROC Cloud powered by Wallarm

A filtering node is in CROC Cloud to provide computing capacity for a guaranteed, fast, and efficient service operation.
FAQ
Why do web applications and APIs need protection?
Web applications are widely used by enterprises when creating online stores and various services for either customers or employees. So, hackers can’t help targeting web apps. When it comes to the finance industry, for example, web apps are among top three channels for targeted attacks. According to Gartner, 40% of attacks on web apps are via APIs.
What is WAF and what threats does it combat?
WAF, a web application firewall, protects web apps and resources against most common attack vectors by filtering your traffic. Besides blocking attacks, WAF can scan apps for vulnerabilities. The top 10 current threats that WAF protects against are described in Open Web Application Security Project (OWASP) and include SQL injection, cross-site scripting (XSS), remote file inclusion, etc.
How are client app and API protected?
A Wallarm-based cloud service secures web apps throughout their lifecycle. The solution comprises two parts: filtering nodes and a computing cluster. The filtering nodes are deployed in CROC Cloud and the computing cluster is hosted by Wallarm. All incoming traffic is rerouted to the filtering nodes where the attack is blocked, while legitimate traffic goes further to protected web apps and API. The computing cluster keeps the filtering nodes updated, supports various scanners (e.g. perimeter and security scanners) and rechecks attacks.

We also offer a similar web application protection service based on StormWall solution. StormWall system is included in the Unified Russian Software Register.
How quickly can I get started with the service?
Both service activation and traffic rerouting to the filtering nodes take no more than a day or two. After that, you are good to monitor and control your traffic right away. We, however, recommend staying in the monitoring mode for the first two weeks to reduce false positives. During this period, an app security perimeter is built using machine learning methods. After two weeks, you can switch to the blocking mode for all or part of your apps.
Will the traffic flow outside Russia?
Filtering nodes in CROC Cloud are located in the territory of the Russian Federation, where all computing takes place. The computing cluster is located in Russia-based data centers as well. Therefore, we can say for sure that traffic will never leave Russia and remain intact in case of any access restrictions from abroad.
01

CROC Cloud May Update

You can now create snapshots from volume versions, increase volume size in Kubernetes and filter resources by main parameters.
02

CROC Cloud Gets Faster with NVIDIA GPUs

CROC Cloud Services now offers NVIDIA GPUs to drastically accelerate computing-intensive jobs. GPU-as-a-Service is based on VM instances with NVIDIA GPU and billed monthly on the pay-as-you-go model. Users are fully supported 24/7.
03

Automatically scale with the new Auto Scaling Groups

This new service allows you to automatically adapt to load changes by adding or deleting instances in a few minutes.
04

Introducing Launch Templates and Related API Methods

Launch templates streamline the launch of instances of the same type and minimize the risk of configuration errors when deploying them.

05

CROC Cloud Services Records Skyrocketing Number of Customer Requests

In the first two weeks of March, CROC Cloud Services received a 960% more requests YoY. With IT equipment shipments being on hold, companies seek for available means to maintain business processes and upgrade infrastructure. The customers of the five sectors account for 80% of requests, including finance (28%), IT with online service developers (17%), retail (15%), manufacturing (11%), and logistics (9%).
06

Volume Versions, а New Feature of CROC Cloud

CROC Cloud introduces a new feature, Volume Versions, that you can use to restore your volume content instantly to the original disk.
Any questions?
Fill in the form and a CROC expert will get in touch with you soon

About CROC Cloud Services

CROC Cloud Services is a standalone CROC business unit that offers cloud and managed В2В services.
24/7
10-minute SLA
12 years
in the cloud market
750+
customers across various industries
№1
in cloud service quality (Cnews, 2020)
scrollup