XcellSecure | Haltdos WAF+DDoS+CDN

Protect your IT Infrastructure Network, Web, API
360 degree protection with protection against zero-day attacks.
Web application attacks deny services and steal sensitive data. Haltdos analyzes and inspects requests coming in to applications and stops these attacks.

7 Days Free Trial Schedule Demo Take Tour Datasheet

Multi-Layered

360 degree protection with protection against zero-day attacks.

Real Time

Instant visibility into traffic, requests, response and incidents.

Automatic

Automatically detect and effectively respond to cyber-attacks.

Machine Learning

Based on technology that continuously learn and adapt it.

WHY TRUST HALTDOS FALCON?

360° Security

All round protection from simple to sophisticated zero-day attacks.

Real-Time Metrics

Audit report on Attack, application health, customer interaction and more

Maintains Business Operational

Attack or no attack, HaltDos ensures your business stays operational all the time.

Multi-Vector Attack Protection

Detect and mitigate DDoS attacks of many types, including volumetric, protocol, and application-level attacks

Security Simplified

100% customizable with on the fly updates. Easy to scale and takes no more than a few minutes to set up.

No Human Policy

"Hands-off" solution with self-learning capability that adapts to changing network conditions and requires minimal tuning.

Accurate Attack Mitigation

Stateful and/or Stateless DDoS appliance providing best in class attack detection and mitigation in the most demanding operational environments.

Mitigation Spotlight

Baseline Protection

HaltDos includes a Baseline Protection Wizard, which makes it easy to update policies. The baseline policies are a blacklist and regex-pattern match of known vulnerabilities and attacks: when HaltDos detects a suspicious pattern which matches the baseline policies, then the request is rejected without exposing the application.HaltDos publishes regular baseline updates, and the HaltDos dashboard highlights the recommended updates. Note that the new baseline policies are NOT applied automatically - the new rules should be reviewed by the security team and activated through the management console.

Secure Session Management

While many applications use secure passwords and authentication, it is possible for user and session data to be exposed through weak links such as session cookies and tokens. Attackers can use these weak links to create or modify sessions, and access live data. HaltDos Secure Session Wizard can help to secure vulnerable sessions, using two important tools: the Session Handler can impose additional controls on user session timeouts and session limits, while the Cookie Jar Handler can be used to preserve vulnerable information by exchanging weak session cookies for more secure session management. With HaltDos, organizations can add an additional authentication layer in front of their applications.

Secure Entry Points

Similarly, many applications enforce authentication when a session is opened, but do not perform access control verification at each step or intermediate function. Attackers can manipulate workflow flaws to access data or bypass session authentication. HaltDos offers an Entry Point Handler that can provide additional security by ensuring that new user sessions always start at a pre-determined entry point. This prevents attackers from deep linking into applications, bypassing entry points and authentication steps.

Sensitive Data Masking

Attackers may attempt a variety of exploits to extract sensitive data, including payment card information, social security information, and security credentials. This kind of sensitive data requires additional layers of protection beyond the encryption of stored data: for example, data in transit should be encrypted using secure transport, and active response filtering can mask out sensitive data which leaks through other defenses.

Resolving Third-Party Vulnerabilities

Modern online applications often include third -party libraries and tools, which may vulnerable to zero-day attacks. Third-party software providers may be unable to resolve flaws quickly so attackers may be able to exploit these vulnerabilities before they are corrected. Known vulnerabilities within application components can be mitigated with HaltDos. Standard application attacks like SQL Injection or XSS can be mitigated using the Baseline Protection or the Whitelist Learning Capability. Similarly, the pro-active features of the HaltDos can be used to identify and protect against vulnerabilities in the application logic of applications.

Forwarding and Redirecting Attack

Many Web applications use redirections and forwarding to transfer control within online services, and may be vulnerable when they use untrusted data or URL parameters to select the target Web page. Attackers may use weak validation of redirection criteria to trigger malware or phishing attacks by forwarding to unauthorized targets. HaltDos Baseline Protection Wizard includes policies that check for fully-qualified URL references to protect against unwanted redirection. Security professionals can also define preferred redirection targets for when an invalid redirection target is detected.

ENTERPRISE SECURITY SOLUTIONS

Anti-DDOS

First line of defence for your data center with automatic detection and mitigation capability

WAF

360 degree protection for your web applications against OWASP Top 10 attacks

Integrated DDOS-WAF

This 2-in-1 solution combines Anti-DDoS & WAF to cohesive security platform for data centers

Haltdos Enterprise Cloud

Cloud based enterprise security platform for DDoS, WAF, CDN, DNS and Security Scanner

OVERVIEW ANTI-DDOS

Distributed Denial of Service (DDoS) attacks continue to evolve in scale, frequency, and sophistication: more distributed, more intruding, and more complex. These attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted techniques. There is almost an unlimited array of tools that hacktivists and cyberterrorists can exploit to prevent customers access to your web services To combat these attacks from reaching the enterprise network, you need a resilient, scalable, and secure solution.

ANTI-DDOS FEATURES

AI ENABLED

Employs AI to automatically detect and effectively respond to cyber-attacks in real time without any human intervention.

HIGH PERFORMANCE

HaltDos provides < 60 microseconds latency. 3 x faster than other solutions.

BI-DIRECTIONAL

First of its kind solution that ensures protection against both inbound and outbound traffic.

CLOUD SIGNALLING

Sends signal to your ISP to automatically start Cloud based protection on attack detection.

MULTI-VECTOR ATTACKS

Automatically detects and defends against multiple simultaneous attacks.

NETWORK VISIBILITY

Real time visualization into all activities on the network - including encrypted traffic.

OVERVIEW WAF

Security breaches are common. Did you know most security breaches occur from web applications? Websites & APIs have become the face of organizations today. But as web technology advances, so does attacks on them. From OWASP Top 10 to Zero Day threats, sensitive data exposure, Man-In-The-Middle, Brute force, HTTPs attacks are increasing. Your customers expects fast, safe, and reliable access to your web applications. Delivery it to them with HaltDos Swift - our Next Generation Web Application Firewall.

WAF FEATURES

0-DAY PROTECTION

Our Machine-learning detection engine intelligently detects and mitigates even the most sophisticated attacks on web applications

BUILT-IN RULES

Event with thousands of built-in signatures, our R&D team is continuously looking for new attack vectors and publish signatures to mitigate them.

PCI COMPLIANCE

Enables enterprises to comply with PCI DSS compliance with daily PCI compliance reporting.

DEV-SEC-OPS

Not just REGEX! Haltdos is the only WAF that allows developer to write secure script inside WAF.

TWO FACTOR AUTH

Implement 2FA for your applications right from within WAF. Supports Email / SMS integration

DECEPTION TECHNOLOGY

Our next generation WAF provides advanced Bot protection with deception technology

OVERVIEW INTEGRATED DDOS-WAF

Securing production environment requires using distinct specialized security controls. Unfortunately, these security controls are distinct and do not share intelligence amongst themselves. While SIEM can be used but even then, the collaboration is restricted to general logs instead of network and application states. Unlike Unified Threat Monitoring (UTMs), HaltDos offers a unique capability to provide zero-trust solution for protecting production environments - Integrated DDoS & WAF solution.

INTEGRATED DDOS-WAF FEATURES

AI ENABLED

Employs AI to automatically detect and effectively respond to cyber-attacks in real time without any human intervention.

HIGH PERFORMANCE

HaltDos provides < 60 microseconds latency. 3 x faster than other solutions.

BI-DIRECTIONAL

First of its kind solution that ensures protection against both inbound and outbound traffic.

CLOUD SIGNALLING

Sends signal to your ISP to automatically start Cloud based protection on attack detection.

MULTI-VECTOR ATTACKS

Automatically detects and defends against multiple simultaneous attacks.

NETWORK VISIBILITY

Real time visualization into all activities on the network - including encrypted traffic.

OVERVIEW ENTERPRISE CLOUD

Intelligent Application Security

Our enterprise grade WAF acts as front-end for your website. The WAF constantly analyzes all traffic to detect behavioral and anomaly inconsistencies for accurate attack detection and mitigation using artificial intelligence and expert security analysts

AI based Self-Learning security
Automatic Bot Detection & Mitigation
OWASP Top 10 Attack Protection
Application Layer DDoS Protection
Load Balancing & SSL Security

Built-in Network Layer Protection

Our advanced global network leverages top-of-the-line, customized servers and networking equipment that protect against Layer 3-4 DDoS attacks at the device. This approach gives our platform simultaneously an exceptionally large and exceptionally deep protection plane.

Advanced Threshold based limiting
Geo-IP based filtering
Automatic Bot Detection & Mitigation
Smart JS challenge to validate Human activity
Built-in auto-scaling for large spikes of traffic

ENTERPRISE CLOUD FEATURES & FUNCTIONS

Features

Managed Services

Add-Ons

0-DAY PROTECTION

Our Machine-learning detection engine intelligently detects and mitigates even the most sophisticated attacks on web applications

BUILT-IN RULES

Event with thousands of built-in signatures, our R&D team is continuously looking for new attack vectors and publish signatures to mitigate them.

PCI COMPLIANCE

Enables enterprises to comply with PCI DSS compliance with daily PCI compliance reporting.

DEV-SEC-OPS

Not just REGEX! Haltdos is the only WAF that allows developer to write secure script inside WAF.

TWO FACTOR AUTH

Implement 2FA for your applications right from within WAF. Supports Email / SMS integration

DECEPTION TECHNOLOGY

Our next generation WAF provides advanced Bot protection with deception technology

MANAGED WAF

Our team of skilled WAF professionals with manage the entire WAF for your website.

ATTACK MITIGATION

Our security engineers will mitigate attacks in consultation with your IT team.

MONITORING SERVICES

Hunt for strange user patterns indicative of attack or fraud in order to take preventive measures

ADVANCED REPORTING

Provide comprehensive report with insights into weaknesses, strengths, risk levels and aggregate measurements from customer traffic.

AUDITING SERVICES

Our security team will carry out periodic automated and manual audit of your web applications.

MIGRATION SERVICE

Moving from another WAF vendor? Our tech support team will assist you in migrating all policies from your exiting vendor to Haltdos.

Multi-CDN

Minimize latency and maximize performance of your website with Haltdos Delivery Platform.

Anycast DNS

Anycast Managed DNS for low latency, high availability DNS service to make your website available to your end-users.

Security Scanner

On-demand or Scheduled scanning with manual verification for your website to stay ahead of latest attacks.

SQL Injection

Security Misconfiguration

Cross Site Scripting

Insecure Direct Object References

Sensitive Data Exposure

Broken Authentication & Session Management

Missing Function Level Access Control

Cross Site Request Forgery (CSRF)

Components with known vulnerabilities

Un-validated Redirects & Forwards

KEY SUPPORT

1.

24 x 7 x 365
Support

2.

On-Site Warranty
Support

3.

Twice a Year Site
Visit Assurance

4.

Centralized Helpdesk
Support

FREQUENTLY ASKED QUESTIONS

Can you brief about the term WAF?

The term WAF stands for a web application firewall. The web application firewall (WAF) is a solution which is designed to provide protection to websites from application security threats by inspecting the incoming traffic, blocking attack attempts, and monitoring and filtering suspicious activities. The web application firewall (WAF) acts as a gateway for all incoming traffic, as it is placed just at the edge of a network. It ensures that the attack traffic does not reach the application and protects your resources against the variety of cyber-attacks such SQL-Injection, Cross-Site Scripting (XSS), Session Hijacking, and other OWASP tops 10 vulnerability threats.

How Does WAF work?

A WAF examines both the HyperText Transfer Protocol (HTTP) request methods/types: GET and POST requests. GET requests are basically when a user tries to access your website/web application and POST requests are basically when your application sends a response to a user's GET request.
A web application firewall distinguishes legitimate and illegitimate traffic based on the rules that are configured.
A web application firewall is also responsible for detecting unusual behavioral patterns for your web application. For example, if an attack causes your web application to remand a lot of larger responses than expected, a WAF is ready to observe that abnormality and acts accordingly to provide protection to your web application.
Another example of a WAFs use is its ability to distinguish between spammy and legitimate comments on a blog post by monitoring particular keywords. These comments will then be flagged as spam and discarded before reaching the comment section of your website.
As described by these examples, a WAF is simply an intermediary between the web application and the client. It can be considered as a guard for your web application that helps to monitor and prevent unusual application behavior.

How HaltDos Web Application Firewall Works?

HaltDos Web Application Firewall stops the attacks right at the network edge and protects your website from common cyber threats before they reach your application servers.
The Web Application Firewall (WAF) examines the incoming traffic that is accessing your website. It inspects the HTTP parameters and applies custom rules in order to help filter out malicious traffic from legitimate website visitors. With HaltDos Web Application Firewall, you can decide whether to block, challenge, or simulate an attack before it reaches to your website or web application.

Does my website require a WAF?

Yes.
...Could you explain to me why?
Websites require a WAF because it needs to be protected against all types of attack attempts, malicious traffic. This malicious traffic can easily be penetrated into your website and can manipulate the backend server causing an outage to your website. This may lead to spam, content being scraped, and page content modification. This can also redirect users to malware, all the possibilities can harm any business small or large. Apart from this, some websites store sensitive information, which could be of a company, website, or its users/clients. The web application firewall (WAF) protects these websites against data breaches.

What are the major risks against which a Web Application Firewall can provide protection?

The web application firewall (WAF) provides protection against the most critical application-layer attacks of OWASP Top 10. OWASP top 10 includes attacks includes SQL injection, Broken Authentication, Data exposure, Cross-site scripting (XSS), Remote Code Execution (RCE), etc.
The most common attacks are SQL injection and Cross-site scripting (XSS). SQL injection occurs when an attacker injects an SQL query into a database, this enables the attacker to access all the sensitive data and modify it. Cross-site scripting (XSS) occurs when an attacker executes malicious scripts into a legitimate website. By performing XSS, an attacker can take over any ongoing user session and get access to the user's personal information such as passwords, credit card details, etc.
A web application firewall also protects against zero-day threats. Zero-day threats which are unidentified yet they exploit new vulnerable

What factors should I focus upon while choosing a WAF?

It is required for network administrators to deploy a robust security solution that can protect their internet-facing assets against lurking cyber threats as well as meet their business requirements. A comprehensive WAF can fulfill this need.
While choosing a comprehensive WAF, administrators should look for whether a WAF inspects and handle Web page content such as HTML, Dynamic HTML (DHTML), and cascading style sheets (CSS), as well as the protocols that your application uses, such as HTTP and HTTPS, provides features such as virtual patching, protection against denial of service (DoS) attacks, does web scraping and has an inbuilt vulnerability scanner. Websites that offer the payment facilities through a credit card should go for a WAF that is a PCI (payment card industry) DSS version 6.6 compliant.
You can deploy a WAF on-premise and/or over the cloud to shield your web applications as well as the data center against a wide range of attacks.

How does the HaltDos Web Application Firewall detect and block threats?

Acting as a reverse proxy, the HaltDos Web Application Firewall inspects every incoming request to detect and block inbound attacks while inspecting response traffic in order to prevent loss of sensitive data such as credit card details, passwords, social security numbers, etc.

Why do I need a Web Application Firewall?

Lack of web application monitoring can create many opportunities for attackers to target web applications. Even if a web application is appropriately programmed, there is a chance that the application can still be vulnerable and exposed to the latest attacks trends.

Haltdos WAF+DDoS+CDN

Protect your IT Infrastructure Network, Web, API360 degree protection with protection against zero-day attacks.Web application attacks deny services and steal sensitive data. Haltdos analyzes and inspects requests coming in to applications and stops these attacks.

Learn More