If you accept credit card payments through your website, you need a Web Application Firewall (WAF) to comply with payment card industry (PCI) regulations. A WAF monitors all the data coming into your website, checks it against a ruleset to identify potential threats, and blocks any data identified as being unsafe. 

Managing a WAF requires a level of vendor-specific security expertise that is difficult for all but the largest IT departments to sustain in-house. The managed WAF service from Integrity360 provides the expertise you need within the framework of an affordable Service Level Agreement (SLA).

A misconfigured WAF can have enormous consequences that include financial loss, data loss, reputational damage, compliance issues, and more — yet most IT departments do not have the resources required to manage a WAF effectively. Even after initial implementation and optimisation, a WAF requires ongoing attention to be truly effective. 

Its ruleset must be constantly updated so that it can identify the latest known threats, its settings must be constantly tuned to make sure it does not block legitimate traffic by incorrect or over-zealous application of the rules, and it must be constantly monitored to make sure any threats it identifies are quickly acted upon. 

Working with WAF products all day, every day, gives our SANS and vendor certified specialists the depth of expertise that is needed to manage a WAF effectively. Put this expertise together with our 24x7x365 Security Operations Centre, our proven ISO-certified processes, and the time we spend getting to know your network, and you get the perfect solution to the problem of managing your WAF and securing your website.

  • Enables compliance with PCI DSS requirements for credit card transactions.

  • Deployment and initial tuning of the WAF.

  • Continuous monitoring and tuning to keep up-to-date with the ever-changing threat landscape. Immediate response to suspicious activity.

  • Immediate notification of threats.

  • Protects against SQL injection, exploitation of authentication flaws, cross-site scripting, and other OWASP Top 10 attacks.

  • Rigorous change control processes.

  • Secure browser-based access to a personalised WAF information portal hosted in our security operations centre (SOC).