Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update about-waap.md #1492

Merged
merged 1 commit into from
Dec 25, 2024
Merged

Update about-waap.md #1492

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 19 additions & 20 deletions documentation/waap/about-waap.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,27 +7,28 @@ toc:
--1--Getting started: "getting-started"
--1--Difference between WAF and WAAP: "whats-the-difference-between-waf-and-waap"
--1--How WAAP works: "how-waap-works"
--2--WAF Edge nodes: "waf-edge-nodes"
--2--WAF edge nodes: "waf-edge-nodes"
--2--Behavioral component: "behavioral-component"
pageTitle: About WAAP | Gcore
pageDescription: Learn more about Gcore Web Application and API Protection and available security features.
pageDescription: Discover Gcore WAAP (Web Application and API Protection) and learn how it works.
---
# About Gcore WAAP

Gcore’s WAAP protects your websites, web applications, and APIs from known vulnerabilities and common exploits by applying predefined security policies, built-in rules, and behavioral analysis to incoming requests.
Gcore WAAP (web application and API protection) protects your websites, web applications, and APIs from known vulnerabilities and common exploits by applying predefined security policies, built-in rules, and behavioral analysis to incoming requests.

WAAP is designed to work out of the box, but it’s also highly customizable: you can create and setup your own rules, adjust policies, and customize WAAP behavior as needed.
You can further analyze the traffic through our built-in reporting system, which helps you better understand how to fine-tune WAAP's protection and adjust custom rules.
WAAP is designed to work out of the box, but it’s also highly customizable: You can create and set up your own rules, adjust policies, and customize WAAP behavior as needed. Our built-in reporting system empowers you to analyze traffic, which helps you better understand how to fine-tune WAAP's protection and adjust custom rules.

WAAP offers you such key features as:
WAAP offers the following key features:

* Next-gen WAF
* OWASP Top 10 protection and a set of robust security policies
* Security Insights
* Real-time analytics
* Next-gen WAF
* API discovery and protection
* L7 DDoS protection
* Bot protection and auti-automation
* AI intelligence
* OWASP Top 10 protection
* Robust security policies
* Security insights
* Real-time analytics

## Getting started

Expand All @@ -41,27 +42,25 @@ WAAP is currently in beta mode. To join the beta, contact the [Gcore support tea

## What’s the difference between WAF and WAAP? 

Traditional firewalls typically serve as the first line of defense against malicious visitors and focus on layer 3 (Network) and layer 4 (Transport) in the <a href="https://en.wikipedia.org/wiki/OSI_model" target="_blank">OSI model</a>. This means that they can’t interpret and process HTTP and HTTPS traffic, which is the type of traffic making requests to your web applications. 

To protect your web applications and APIs, you need to use a web application firewall (WAF). It’s designed to filter out the "good" and "bad" HTTP and HTTPS traffic at the Application layer (Layer 7) in the OSI model. 
Traditional firewalls typically serve as the first line of defense against malicious visitors and focus on layer 3 (Network) and layer 4 (Transport) in the <a href="https://en.wikipedia.org/wiki/OSI_model" target="_blank">OSI model</a>. This means that they can’t interpret and process HTTP and HTTPS traffic, which is the type of traffic making requests to your web applications. To protect your web applications and APIs, you need to use a web application firewall (WAF). It’s designed to filter out the "good" and "bad" HTTP and HTTPS traffic at the Application layer (Layer 7) in the OSI model. 

A **WAF** sits between the client and the origin server, meaning that any request a client makes passes through the WAF for an "inspection" before arriving at its destination, the website's origin server.

A **WAAP** (Web Application and API Protection) is a security tool that offers basic WAF protection along with more advanced measures aimed to protect your web applications and APIs from cyberattacks.
A **WAAP** (Web Application and API Protection) is a security tool that offers basic WAF protection along with more advanced measures to protect web applications and APIs from cyberattacks.

As the malicious web attacks continue to evolve and become more sophisticated, our WAAP will continue to undergo upgrades and maintenance needed to keep our platform up-to-date and effective against these attacks.
Read more about why WAF isn't enough for today's security landscape in [our dedicated article](https://gcore.com/blog/cybersecurity-beyond-waf/).

## How WAAP works

Our cloud-based next-generation WAF uses a two-part system to inspect incoming traffic:
Our cloud-based, next-generation WAF uses a two-part system to inspect incoming traffic:

* **WAF Edge nodes** that perform actions against requests.
* **WAF edge nodes** that perform actions against requests.

* **Behavioral component** that runs heuristics and ML models and performs behavioral analytics.

WAF edge nodes and behavioral components work together to provide protection against common vulnerabilities such as L7 DDoS attacks, OWASP Top 10 threats, bots, and more.

### WAF Edge nodes
### WAF edge nodes

These nodes are responsible for running <a href="https://gcore.com/docs/waap/waap-policies" target="_blank">WAAP policies</a> against requests. They also enforce actions on requests (block, allow, Captcha, JavaScript validation, or tag) based on the recommendation provided by the second part, the behavioral component.

Expand All @@ -79,6 +78,6 @@ You can also create your own <a href="https://gcore.com/docs/waap/waap-rules/cus

The behavioral component is responsible for asynchronously analyzing traffic from WAF Edge nodes. It is centralized and built on a scalable cloud environment, ensuring that WAF always has sufficient resources for deep analysis without memory or processing limitations.

The component analyzes and detects malicious behavioral patterns and, based on this information, indicates what actions should be enforced by WAF Edge nodes: block, challenge, or allow requests. As the behavioral component processes requests, it generates information tags for each request entity. These tags are sent together with instructions (actions to be enforced) to WAF Edge nodes.
The component analyzes and detects malicious behavioral patterns and, based on this information, indicates what actions should be enforced by WAF edge nodes: block, challenge, or allow requests. As the behavioral component processes requests, it generates information tags for each request entity. These tags are sent together with instructions (actions to be enforced) to WAF Edge nodes.

This analytical aspect of the system and independent functioning of both parts is what elevates our WAF to the next-generation level.
This analytical aspect of the system and the independent functioning of both parts elevate our WAF to the next-generation level.
Loading