Automated Zero-Trust & API Security

Start for Free
Zero Trust WAF & API Security graph 3D projection

Discover, Control & Mitigate Threats to APIs Using Machine Learning

VoltMesh’s web app firewall (NG-WAF) combines the power of data analytics and deep learning to discover your app APIs and mitigate threats. It analyzes the data collected from VoltMesh distributed load balancers to automatically detect APIs and create authorization policies to simplify zero-trust implementation for DevOps and SecOps.

Using advanced analytics on the data collected across users on its multi-tenant platform, VoltMesh identifies behavioral anomalies and automatically updates to mitigate threats from users as well as internal apps.

Zero-trust Voltmesh WAF graph/catalog POST/login POST/checkout POST/currency POST/adservice GET/reviews POST
Zero-trust Voltmesh WAF graph/catalog POST/login POST/checkout POST/currency POST/adservice GET/reviews POST

VoltMesh vs. Traditional WAF

Features
Traditional
VoltMesh
API discovery
Static (Swagger)
Automated (AI/ML)
Automated service graph
Zero-day attack mitigation
Automated API policy
User behavior detection
Anomaly detection
False positive reduction

Automated Policy for Zero-Trust

Automate discovery of APIs and create authorization policies without requiring closed loop coordination between developers and ops (DevOps and SecOps). Frictionless implementation of zero-trust using machine learning.

VoltConsole API Explorer screenshot
Benefit icon

Optimize Policy Management

Alleviate challenges with automated policy creation and lifecycle management — reducing a major hurdle and cost for agile development and operations teams

Benefit icon

Simplify Compliance & Reporting

Continuous updates of policies + reporting helps achieve compliance (PCI-DSS, SOC, etc) in a dynamic development environment

Benefit icon

Zero-Trust for Legacy Software

Automated API discovery mitigates limited developer support for legacy apps or lack of knowledge of APIs in open source software

Benefit icon

Improve Performance

VoltMesh’s ML uncovers dynamic components in APIs from billions of requests to ensure that policies are compact and execute with minimal overhead

Anomaly Detection for Threat Mitigation

Continuous machine learning (ML) on traffic from users and apps allows VoltMesh to predict, block, and alert on suspicious and abnormal activity. This allows you to augment zero-trust and protect public apps that are not authenticated.

VoltConsole Anomaly Detection analysis screenshot
Benefit icon

Prevent Zero-Day Attacks

As it correlates across multiple data points and learns across customers, the ML gets smarter in detecting zero-day and L7 DDoS attacks

Benefit icon

Block OWASP Top 10

Our automated engine helps you define the right threat and paranoia-level to protect from OWASP Top-10 attacks like SQL, XSS, XXE, etc

Benefit icon

Detect Threats across Sessions

Using behavioral analysis of sessions from individual users and across multiple users, our ML can better detect anomalies and mitigate threats

Benefit icon

Reduce False Positives

Reinforcement learning across many users and APIs allows VoltMesh to predict if certain apps experience false positives, improving efficacy

Visualization & Insights for Forensics

VoltMesh offloads the problem of collecting, storing, analyzing, and visualizing the logs and metrics needed to understand, mitigate and root-cause threats. It provides visibility on user and app-to-app activity across all your apps — microservices or monolithic.

VoltConsole Traffic analysis graph screenshot
Benefit icon

App Topology with Service & API Graph

The learning core not only discovers all the APIs in your apps, but it also discovers the service mesh graph based on active data flow

Benefit icon

Reduce Time to Resolution

With powerful visualizations and the ability to analyze security events, VoltMesh helps get to root cause quickly and take mitigation actions

Benefit icon

Integrate with SIEM & Alerting Tools

Get security events and anomaly detection alerts delivered to your favorite tool like Slack, PagerDuty and email; integrate with Splunk or other SIEMs

Benefit icon

24x7 NOC & SOC

Volterra SREs are able to offload your ops team and provide 24x7 monitoring of mission-critical apps and threat mitigation

Zero-Trust & API Security in Minutes

1
Configure VoltMesh as a Gateway/Proxy>

Configure service discovery of your Kubernetes or legacy apps and define routing rules to direct incoming requests to discovered services

Read more
2
Configure API Markup & Control>

Create an app_type object and enable machine learning on APIs, API requests, and time-series metrics collected across the system

Read more
3
Configure Anomaly
Detection>

Configure time series analysis on the request and response metrics (latency, rate, error) for all services in your application

Read more
4
Send Requests & Start Mitigating>

Send good and malicious requests to the specified service or APIs and let VoltMesh handle discovery of APIs, creation of policies, and mitigation of threats

Upgrade Your App Security Now

  • API discovery
  • Automated policies
  • Anomaly detection
  • Zero-day mitigation