Indusface Web Application Firewall is industry’s only fully managed web application firewall that provides comprehensive protection that works. Indusface’s Total Application Security comes with integrated scanner and WAF which helps organisation identify vulnerabilities and get them immediately patched at WAF through rules written by Indusface’s security experts.

Our Advantage
Risk Detection

Detect your risks continuously

Continuously identify your application security posture through automated security scans and manual Pen-Testing

WAF Protection

Protect your application immediately

Combination of always-on security and expert created surgically accurate security rules to patch the vulnerabilities through WAF with assured zero false positives

DDoS Prevention

Ensure round-the-clock availability

All surge in traffic is not DDoS. Have experts monitor traffic and prevent DDoS before it happens

Website Performance

Improve website performance instantly

Instant Whole Site Acceleration using distributed Global Edge Locations if you subscribe to the cloud WAF deployment


360 view of your application security

24*7 visibility of the risk posture and business impact via integrated AppTrana portal

Trusted by over 2000+ Global Customers
  • Aegon Life
  • Tata Consultancy Services
  • Future Group
  • Jaguar
  • Acko
  • Federal Bank
  • Cox & Kings
  • Edelweiss
  • Land Rover
  • L & T
  • Axis Bank
  • HDFC Life
  • Lead Squared
  • EY
  • Reliance General Insurance
  • Shoppers Stop
  • Max Health Insurance
  • Bajaj FinServ
  • VFS Global
  • Mphasis
Our Happy Customers talking about us
Unlimited App Scanning

Unlimited App Scanning

Daily or on-demand web application scanning to detect vulnerabilities. Comprehensive security audit to get security posture of multiple web applications.

Business Logic Vulnerability Checks

Business Logic Vulnerability Checks

Extensive auditing for application specific business logical vulnerabilities. Support on functional understanding of logical flaws for in-depth security audit.


OWASP Top 10 & WASC Detection

Efficiently detect most common application vulnerabilities validated by OWASP and WASC. On-going detection of new vulnerabilities as a result of application changes & updates.

zero downtime

Zero Downtime Quick Onboarding

Entire onboarding is done without requirement of any downtime and can be done within minutes . With Indusfaces Properitiery advance rules fine tuned to minimal FP’s orgnainzation can onboard site immediately in block mode.

Managed DDoS Protection

Managed DDoS Protection

Get instant DDOS protection against sophisticated Layer 7 DDOS attacks. TAS comes with inbuilt rate limiting rules and advance layer 7 rules that prevents sophisticated bot attacks. Also get help of security experts in case of sophisticated attacks that help in thwarting complex attacks through tailored rules.

Flexible Deployment

Flexible Deployment Option

The entire product is offered as a service, but the placement of the WAF can be in the cloud (no software to install), or from AWS marketplace and or in your own data centre with a virtual appliance. You will still get a centralized informative dashboard providing you real time view of the security postures and attack insights independent of the WAF placements and deployment model.

Managed by Security Experts

Managed by Security Experts

Security experts mimic exploitations from real hackers to help identify risks in real-time. Demonstration of business impact of vulnerabilities exploiting series of logical weaknesses within application.

Zero False Positives

Zero False Positives

Removal of any potential false positives that are found from scanning and accurate protection against those risks via WAF rules

Informative Dashboard

Informative Dashboard

Not only will be provide visibility into attacks happening and blocked on the website, but will also provide a co-relation between current vulnerabilities and its protection status based on which customer can take action and request our managed security experts to protect against those risks.

Plan Comparison
FeatureTAS AdvancedTAS Premium
Risk Detection TAS Advanced
TAS Premium
Managed Web Application Security Scanning TAS Advanced Unlimited TAS Premium Unlimited
No. of Pages Scanned TAS Advanced Unlimited TAS Premium Unlimited
No. of Application Credentials TAS Advanced Unlimited TAS Premium Unlimited
Coverage for OWASP Top 10, PCI DSS 6.5.x and SANS Top 25 Vulnerabilities Detection TAS Advanced
TAS Premium
PCI DSS and CERT compliant Manual Penetration Testing by experts TAS Advanced TAS Premium
Manual verification of Vulnerabilities by experts TAS Advanced
Limited to 5 requests
TAS Premium
Remediation Guidance to fix vulnerabilities TAS Advanced
TAS Premium
Vulnerability Revalidation checks TAS Advanced
TAS Premium
Risk Protection TAS Advanced
TAS Premium
Layer 7 Protection through Web Application Firewall TAS Advanced
TAS Premium
Always On Protection through Advance Security Rules TAS Advanced
TAS Premium
Zero day Vulnerability Protection TAS Advanced
TAS Premium
Blacklisting IP's & countries TAS Advanced
TAS Premium
Ability to exempt certain URI and IP through whitelisting TAS Advanced
TAS Premium
PCI DSS 3.2 Compliance TAS Advanced
TAS Premium
Intelligent Protection through Anomaly based risk scoring TAS Advanced TAS Premium
Vulnerability Revalidation checks TAS Advanced
TAS Premium
Deployment option TAS Advanced Cloud - AppTrana
AWS market place or Virtual Appliance
TAS Premium Cloud - AppTrana
AWS market place or Virtual Appliance
DDOS Mitigation TAS Advanced
TAS Premium
Protection against Layer 3, 4 Volumetric attacks TAS Advanced
TAS Premium
Protection against Layer 7 DDoS attacks TAS Advanced
TAS Premium
Reputation checks for client IP and blacklisting of malicious IP TAS Advanced
TAS Premium
Protection of Origin IP address against DDOS attacks TAS Advanced
TAS Premium
Protection against Hot-Linking TAS Advanced
TAS Premium
BOT Mitigation TAS Advanced
TAS Premium
Check for pretender bots through IP checks TAS Advanced
TAS Premium
Validation of Bot Signatures and blocking bad bots TAS Advanced
TAS Premium
Captcha Challenges to prevent malicious bots, protect against DDOS attacks TAS Advanced
TAS Premium
Risk Monitoring TAS Advanced Partial TAS Premium
Experts written custom rules to virtually patch application specific vulnerabilities TAS Advanced Limited to 2 requests TAS Premium Unlimited
False Positive monitored premium rules TAS Advanced TAS Premium
Advance DDOS mitigation support for complex Layer 7 DDOS attacks TAS Advanced TAS Premium
Automated whitelisting of legitimate Search Engines & Bots TAS Advanced
TAS Premium
SLA based customization and propagation of security rules TAS Advanced TAS Premium
24x7 management by certified application security experts TAS Advanced TAS Premium
SSL TAS Advanced
TAS Premium
Free LetsEncrypt DV SSL Certificate TAS Advanced
TAS Premium
Option to buy Entrust OV or EV Certificate TAS Advanced
TAS Premium
Custom SSL Certificate TAS Advanced
TAS Premium
Administration TAS Advanced
TAS Premium
Zero Down time on-boarding TAS Advanced
TAS Premium
Highly available and scalable architecture TAS Advanced
TAS Premium
360° visibility into application security posture through unified AppTrana portal TAS Advanced
TAS Premium
Support for WAF Integration with 3rd party CDN TAS Advanced
TAS Premium
No hardware, software or tuning required TAS Advanced
TAS Premium
Support through Email, Chat and Phone TAS Advanced 24 * 7 TAS Premium 24 * 7
Pricing TAS Advanced GET A QUOTE TAS Premium GET A QUOTE
Web Application Firewall FAQ

From a feature and product standpoint both offer the same benefit to customers. AppTrana is a full cloud based deployment version of the TAS offering. Customers can deploy TAS from AWS marketplace or as a virtual applicance or go with the full cloud based version using the AppTrana offering. Independent of the deployment model all the modes will provide the customer with a single centralized AppTrana Dashboard for visibility.

Absolutely. We ask for no credit card while you sign-up. You can enjoy all the services of an Advance plan for 14 days absolutely free in any of the deployment model (cloud, AWS marketplace or Virtual appliance).

Yes. In all deployment modes we provide 3 level of controls to turn off the solution.

  • Log Mode– To turn off blocking. All rules will be put in block mode in such a scenario.
  • Disable Mode – The entire WAF will be disabled and the solution will be only in reverse proxy mode
  • Bypass Mode – Applicable only in SAAS (apptrana deployment). The entire cloud AppTrana Infrastructure will be bypassed and the traffic will be sent directly to your server.

All of this is done without any downtime.

In the market place and Virtual applicace model, WAF is deployed in your data center. However the vulnerability and attack data are synched with the centralized portal hosted in AWS by indusface. In the cloud deployment model Indusface in partnership with Tata Communications gives you the 4th largest Tier IP backbone which ensures reduced latency and improved user experience for your website users. It has more than 400 POPs across 5 continents and operate more than 1 million sq ft of data centre space in 44 locations worldwide. With 24% of the world’s internet routes on our network, we offer greater flexibility and performance. Tata’s Content Delivery Network offers the most direct routes between your content and your end users, and is uniquely engineered to reach both developed and emerging markets directly and quickly. Check map here

Yes, in the AWS marketplace and Virtual appliance deployment model we allow you to configure the SSL in our WAF deployment or you can chose to have termination of SSL in your Load balancer and have the WAF traffic as internal non SSL traffic. WE provide flexibility in this deployment and configuration option.

In the Cloud model we allow customers to provide their own certificate or get a free one automatically provisioned by Indusface.

How Web Application Firewall Works?

Other Resources

Total Application Security Adavnced


Total Application Security Premium


Understanding OWASP Top 10 Vulnerabilities & their Business


7 Habits of Highly Effective WAF


5 Top Cloud Web Application Firewalls (WAF) Features


8 Types of Cyberattacks a WAF is Designed to Stop


Beating WAF Signatures


NGFWs vs WAF [Guide]

Ready to get started?

Try Indusface WAF free for 14-Days