Web Application Firewall

The complete web application security solution to detect, protect and monitor


Feature Total Application Security Advanced Total Application Security Premium

Risk Detection

Managed Web Application Security Scanning Unlimited Unlimited
  • No. of Pages Scanned
Unlimited Unlimited
  • No. of Application Credentials
1 2
  • Coverage for OWASP Top 10, PCI DSS 6.5.x and SANS Top 25 Vulnerabilities Detection
  • PCI DSS and CERT compliant Manual Penetration Testing by experts
  • Manual verification of Vulnerabilities by experts
Limited to 5 requests Unlimited
  • Remediation Guidance to fix vulnerabilities
  • Vulnerability Revalidation checks

Risk Protection

Layer 7 Protection through Web Application Firewall
  • Always On Protection through Advance Security Rules
  • Zero day Vulnerability Protection
  • Blacklisting IP's & countries
  • Ability to exempt certain URI and IP through whitelisting
  • PCI DSS 3.2 Compliance
  • Intelligent Protection through Anomaly based risk scoring
  • Vulnerability Revalidation checks
DDOS Mitigation
  • Protection against Layer 3, 4 Volumetric attacks
  • Protection against Layer 7 DDoS attacks
  • Reputation checks for client IP and blacklisting of malicious IP
  • Protection of Origin IP address against DDOS attacks
  • Protection against Hot-Linking
BOT Mitigation
  • Check for pretender bots through IP checks
  • Validation of Bot Signatures and blocking bad bots
  • Captcha Challenges to prevent malicious bots, protect against DDOS attacks

Risk Monitoring

  • Experts written custom rules to virtually patch application specific vulnerabilities
Limited to 2 requests Unlimited
  • False Positive monitored premium rules
  • Advance DDOS mitigation support for complex Layer 7 DDOS attacks
  • Automated whitelisting of legitimate Search Engines & Bots
  • SLA based customization and propagation of security rules
  • 24x7 management by certified application security experts


  • Free LetsEncrypt DV SSL Certificate
  • Option to buy Entrust OV or EV Certificate
  • Custom SSL Certificate


  • Zero Down time on-boarding
  • Highly available and scalable architecture
  • 360° visibility into application security posture through unified AppTrana portal
  • Support for WAF Integration with 3rd party CDN
  • No hardware, software or tuning required

Support through Email, Chat and Phone

24 * 7 24 * 7