Essential defence from web attacks

Comprehensive protection for your web applications against specialised attacks and malicious threats

Web Application Firewall (WAF) protects Web servers from malicious traffic and targeted attacks by filtering, and blocking attempts to compromise the system.


This defence mechanism is effective in protecting your organisational applications against a wide range of attacks, such as SQL injections, cross-site scripting and other threats.


Offered as a cloud-based protection service, StarHub's Managed Web Application Firewall (WAF) protects public-facing websites from large-scale layer 3/4 DDoS attacks and more complex layer 7 hacking and DDoS attacks.


Utilising a multi-layered mitigation platform with a 24x7 team of security experts at our Security Operations Centre (SOC) constantly identifying, mitigating and analysing attacks, this service provides improved detection rates and lower false positives to ensure a comprehensive and affordable protection for your web presence.



Protection against OWASP (Open Web Application Security Project) Top 10 common vulnerabilities and more

Besides policies to ensure protection against the OWASP Top 10 vulnerabilities, supplementary rules can be developed for customer's specific site/applications.


Custom Rules

Custom rules can be used to protect your website from new attacks or tailor make security rules for your websites based on HTTP request headers such as URL, Query String, Cookie, and etc. Working in tandem with default rules, custom rules will help to tighten security policies and reduce false-positives. 



Botnet Attack Protection

Our WAF is integrated into our comprehensive cybersecurity solution. Together, the solution protects public-facing websites from large-scale layer 3/4 DDoS attacks and more complex layer 7 hacking and DDoS attacks that attempt to exhaust resources of web applications and servers.



Automatic Virtual Patches

Applications using components with known vulnerabilities may undermine application defences and enable a range of possible attacks and impacts. Our WAF can automatically blocks this type of vulnerability exploit attempts to your web application until either the vendor provides a permanent solution or in-house developer fixes it.



Real-time Reporting and Robust Logging

Our visually-appealing, intuitive Customer Portal features comprehensive dashboard, charts and tables, showing all ongoing and historic WAF events on event dashboards, WAF analytic reports, and real-time traffic analyse for on-the-fly analysis.



Easy installation, fast deployment

Our cloud-based WAF is integrated into our Cybersecurity Platform as one of the security layers to deliver comprehensive protection solution. While we will do the necessary tests and define custom rule set tailored to your web applications before implementation, nothing has to be setup or configured on your side. Once testing is done, protection can be activated in just minutes with no impact on your existing infrastructure.



Dedicated research team

Behind our WAF development and operation teams it is a research team dedicated to analysis of threat intelligence collected from external and internal sources as we pursue meticulous protection against zero-day attacks and persistent threats.eeps unauthorised users out of the network, denies users access to tasks for which they are not authorised, and tracks the resources used during user sessions.



Ongoing fine-tuning of security rules

Our WAF engineers constantly review and fine tune security rules to minimise false positive rate.



Round-the-clock monitoring and remediation

We have 24x7x365 SOCs staffed with DDoS and WAF experts to monitor and respond to potential threats and attacks in the shortest time possible. 

Find out how WAF can help your business

Clean Pipe

Prevent DDos attack to your network and safeguard your business.

Find out more