Web Security includes a web application firewall (WAF), DDoS protection, custom security rules, advanced throttling, and rich security analytics.
The WAF inspects HTTP(S) traffic and monitors, rate-limits or blocks malicious traffic, designated user agents, or IP addresses. It has rules coverage for the OWASP core rule set, plus Instart's own rules based on our experience protecting our customers and doing our own threat research.
In addition to the WAF, customers also have access to a rich set of reporting and analysis tools that provide the ability to narrow down to a subset of detected activity for investigative purposes. Full security event logs are also available through an interactive interface in the customer portal, with sophisticated search capabilities.
Finally, customers with other security analytics tools or security staff can have detailed web security event logs delivered to their in-house or offsite tools on a near real-time basis. Instart Web Security logs are compatible with all major log analysis and SIEM systems, including Splunk, Sumo Logic, ArcSight, NitroSecurity, and others.
Web Security also allows customers to create their own powerful security rules using a visual If-This-Then-That rule builder to monitor, block, or throttle malicious traffic.