Nemesida WAF can be integrated with external SIEM systems. To do this, the first step is to configure, using Rsyslog, the collection of events from all servers where Nemesida WAF is installed. Rsyslog is a powerful, secure and high–performance log processing system that accepts data from various sources (systems and applications). It works according to
Review of the pricing, the main opportunities, the features and technical specifications of Nemesida WAF.
How we created machine learning module and why we decided to refuse neural networks preferred to classical algorithms, what attacks are detected using Levenshtein distance and how the accuracy of the attack detection is reached.
Using the module Nemesida AI allows you to identify the signs of «brute-force» attacks.
Working in an IDS mode The Nemesida WAF software can work in IDS mode, which uses the principle of traffic mirroring. This makes it possible to train the Nemesida AI system before running Nemesida WAF in the standard mode (IPS), to check the system performance, to monitor the attacks of the web application in the
Nemesida WAF is supplemented with a new module designed to exchange data with the ClamAV antivirus software.
Despite the rapid development of technology, most of the attacks are detected by the signature method, and the accuracy of all methods built on the basis of signature analysis depends on how well the signatures are written.
Realization of the virtual patching functionality in Nemesida WAF allows to block vulnerabilities exploitation attempts, which are content in web applications without changing their source code. It means that you do not need wait for official patch from the vendors.
Nemesida WAF includes the Nemesida Scanner module, which is designed to detect vulnerabilities and access critical data of a protected web application.