FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Our multi-layered and correlated approach protects your web apps from the OWASP Top 10 as well as the latest threats. The Web Application Security Service from FortiGuard Labs uses information based on the latest application vulnerabilities, bots, suspicious URL and data patterns, and specialized heuristic detection engines to keep your applications safe from malicious sources, DoS attacks sophisticated threats, and zero-day attacks.
- Comprehensive Web Application Security with FortiWeb.
- Deep Integration into the Fortinet Security Fabric and Third-Party Scanners.
- Solving the Challenge of False Threat Detections.
- Secured by FortiGuard.
- Advanced Graphical Analysis and Reporting.
- VM and Cloud Options.
- Reverse Proxy
- Inline Transparent
- True Transparent Proxy
- Offline Sniffing
- Automatic profiling (white list)
- Web server and application signatures (black list)
- IP Reputation
- IP Geolocation
- HTTP RFC compliance
- Native support for HTTP/2
Application Attack Protection:
- OWASP Top 10
- Cross Site Scripting
- SQL Injection
- Cross Site Request Forgery
- Session Hijacking
- Built-in Vulnerability Scanner
- Third-party scanner integration (virtual patching)
- File upload scanning with AV and sandbox
- WWeb services signatures
- XML and JSON protocol conformance
- Malware detection
- Virtual patching
- Protocol validation
- Brute force protection
- Cookie signing and encryption
- Threat scoring and weighting
- Syntax-based SQLi detection
- HTTP Header Security
- Custom error message and error code handling
- Operating system intrusion signatures
- Known threat and zero-day attack protection
- L4 Stateful Network Firewall
- DoS prevention
- Advanced correlation protection using multiple security elements
- Data leak prevention
- Web Defacement Protection