Discover, Control & Mitigate Threats to APIs Using Machine Learning
VoltMesh’s web app firewall (NG-WAF) combines the power of data analytics and deep learning to discover your app APIs and mitigate threats. It analyzes the data collected from VoltMesh distributed load balancers to automatically detect APIs and create authorization policies to simplify zero-trust implementation for DevOps and SecOps.
Using advanced analytics on the data collected across users on its multi-tenant platform, VoltMesh identifies behavioral anomalies and automatically updates to mitigate threats from users as well as internal apps.
VoltMesh vs. Traditional WAF
Automated Policy for Zero-Trust
Automate discovery of APIs and create authorization policies without requiring closed loop coordination between developers and ops (DevOps and SecOps). Frictionless implementation of zero-trust using machine learning.
Optimize Policy Management
Alleviate challenges with automated policy creation and lifecycle management — reducing a major hurdle and cost for agile development and operations teams
Simplify Compliance & Reporting
Continuous updates of policies + reporting helps achieve compliance (PCI-DSS, SOC, etc) in a dynamic development environment
Zero-Trust for Legacy Software
Automated API discovery mitigates limited developer support for legacy apps or lack of knowledge of APIs in open source software
VoltMesh’s ML uncovers dynamic components in APIs from billions of requests to ensure that policies are compact and execute with minimal overhead
Anomaly Detection for Threat Mitigation
Continuous machine learning (ML) on traffic from users and apps allows VoltMesh to predict, block, and alert on suspicious and abnormal activity. This allows you to augment zero-trust and protect public apps that are not authenticated.
Prevent Zero-Day Attacks
As it correlates across multiple data points and learns across customers, the ML gets smarter in detecting zero-day and L7 DDoS attacks
Block OWASP Top 10
Our automated engine helps you define the right threat and paranoia-level to protect from OWASP Top-10 attacks like SQL, XSS, XXE, etc
Detect Threats across Sessions
Using behavioral analysis of sessions from individual users and across multiple users, our ML can better detect anomalies and mitigate threats
Reduce False Positives
Reinforcement learning across many users and APIs allows VoltMesh to predict if certain apps experience false positives, improving efficacy
Visualization & Insights for Forensics
VoltMesh offloads the problem of collecting, storing, analyzing, and visualizing the logs and metrics needed to understand, mitigate and root-cause threats. It provides visibility on user and app-to-app activity across all your apps — microservices or monolithic.
App Topology with Service & API Graph
The learning core not only discovers all the APIs in your apps, but it also discovers the service mesh graph based on active data flow
Reduce Time to Resolution
With powerful visualizations and the ability to analyze security events, VoltMesh helps get to root cause quickly and take mitigation actions
Integrate with SIEM & Alerting Tools
Get security events and anomaly detection alerts delivered to your favorite tool like Slack, PagerDuty and email; integrate with Splunk or other SIEMs
24x7 NOC & SOC
Volterra SREs are able to offload your ops team and provide 24x7 monitoring of mission-critical apps and threat mitigation
Zero-Trust & API Security in Minutes
Configure VoltMesh as a Gateway/Proxy
Configure service discovery of your Kubernetes or legacy apps and define routing rules to direct incoming requests to discovered servicesRead more
Configure API Markup & Control
Create an app_type object and enable machine learning on APIs, API requests, and time-series metrics collected across the systemRead more
Configure time series analysis on the request and response metrics (latency, rate, error) for all services in your applicationRead more
Send Requests & Start Mitigating
Send good and malicious requests to the specified service or APIs and let VoltMesh handle discovery of APIs, creation of policies, and mitigation of threats