Security > WEB Firewall > Product Introduction > Penta Security (WAPPLES SA)


A cloud web firewall product developed based on the security technology of WAPPLES, Asia Pacific's No. 1 web firewall, which provides optimized web security services in a variety of private and public cloud environments. CC-certified WAPPLES SA is Web Application and API Protection (WAAP) solution that ensures high reliability in cloud environments and provides API security, Bot response and DDoS security as well as common web attacks.

Main Features


  • Outstanding detection technology (Detection Engine)
    • No. 1 in domestic WAF market share for 15 years, high security based on intelligent logical analysis detection engine (COCEP)
    • Intelligent detection engine provides minimum security signature updates
    • Blocks unknown attacks, including OWASP, with lowest false positive rate and high true positive rate
    • Provides zero-day attack response, such as new vulnerabilities (automate security)
  • Provides advanced WAAP security services (Web Application and API Protection)
    • Provides WAAP service evolved from existing WAF (WAF+API security+Bot mitigation+DDoS response)
  • Protects different cloud web service architectures
    • Provides protection for various Cloud Web services, including Microsoft, Serverless and monolithic, etc.
    • Applies different architectures, including top/bottom LB configuration, DNS lookup configuration and common security VPC configuration, etc.
  • Provides sensitive privacy filtering
    • Provides leakage prevention for sensitive information in which personal information is included in Inbound and outbound traffic
  • Supports seamless autoscaling
    • WAF zero-downtime autoscaling for increased web traffic and WAF load

Service Configuration Diagram

  • You can protect your web server by blocking external web application threat traffic and external information leaks.
  • The web firewall operates in a proxy manner in front of the web server and inspects all web traffic for security.

※ Network routing changes, such as DNS changes, are required to route traffic from the target domain to Web Firewall for protection

※ For WAF service high availability and safe security service, we recommend web firewall redundancy (Active-Active).

※ Service support from the Security Control Center is available when applying for the Managed service.