Cloud MTS

99.9% protection guaranteed

WAF protection protects against SQL injections, XSS, XXE, RCE and other OWASP Top-10 threats.

Protection against attacks

Analyses all incoming HTTP requests and blocks any malicious request

Anti-theft protection

Counters the key web resources hacking, preventing data theft, compromising registration details, including PD

API protection

API interface protection, including REST, SOAP, gRPC, GraphQL and web sockets, automatic recognition of various protocols/formats and application of appropriate parser chains

Threat detection

Signature-free functioning and real-time threat confirmation

Anti-DDoS protection

DDoS attacks blocking at the application level (L7)

Masquerade prohibition

Blocks actions related to illegal or misleading content posting

Test drive

Technical capabilities

Error and vulnerability recognition

The DAST scanner recognizes typical errors in business logic and detects application-specific vulnerabilities based on the application logic knowledge base

Attack surface visualization

Using a variety of DNS and BGP requests, as well as other public sources, a potential attack surface is visualized. Scanning detects configuration errors and serious vulnerabilities

Popular formats recognition

All modern web application data formats are automatically identified and decoded, including XML, JSON, WebSockets, Base64, GZIP, VIEWSTATE, PHP, Java, and others

Personal profile formation

Based on the collected metrics, a personal profile of protected resources is formed, with subsequent application of finely tuned security rules

Continuous learning

Metrics collection from all traffic, collected metrics processing in the cloud, continuous learning and correlation of web application/user events

Virtual patching

Malicious requests blocking even when working in monitoring mode, with user access prohibited until fixing the vulnerability

Get advice

How it works

Web traffic passes through filtering nodes in the client's infrastructure

Filtering nodes block attacks and send traffic statistics to the computing cluster (Valarm cloud)

Valarm Cloud updates blocking rules for all protected applications every 15 minutes using machine learning

Upon detecting an incident, the client receives a notification

Vulnerability scanner checks the detected attacks' vectors for corresponding vulnerabilities in the application

Zoom Get advice

Convenient personal account

Zoom

Troubleshooting advice for developers

Clear analytics on attacks and incidents

Fine-tuning dynamic rules

Security status and incident report builder

Open API for integration with the client's monitoring and management systems

Single web interface for all protected applications and roles

Detection the network perimeter vulnerabilities with assessed criticality and exploitation examples

Up-to-date information on the company's network resources available from the external network

Get access

Rates

Basic WAF service

Detection and protection module against attacks on web applications
Local analytics module
Control module
Cloud analytics module
Attack recheck module

up to100 RPS

Request per seconds (qty)

70 000, 00 rubles/month

Standard WAF service

The price includes all the modules besides the basic WAF service:
Perimeter scanner modules vulnerabilities
Behavioral attack protection module
Advanced configuration module
Virtual patching

up to500 RPS

Request per seconds (qty)

110 000, 00 rubles/month

Individual WAF service

The modules composition at the customer's request, for any performance.
Parameters are not fixed by the standard contract, amendments are introduced upon the order.

over500 RPS

Request per seconds (qty)

On request

Service Manager

Alexander Karpuzikov

Responsible for the project direction of MTS cloud. Implements such complex projects as HaaS, Private Cloud, SAP Hosting, including consulting and professional services. Over 10 years of experience in the cloud technologies. Has many years of experience in the telecommunications industry. Since 2018, in PAO MTS has been responsible for developing information security products of MTS cloud provider. The division manage for additional information security services for IaaS/PaaS/DPC and commercial SOC development in PAO MTS.
Author of a number of articles in specialized media and Habr, a regular participant and speaker at conferences in the Telecom and IS fields.

Advice on your project