Listing Thumbnail

    Web Application Firewall

     Info
    AWS WAF protects your web applications against common exploits and vulnerabilities using customisable rules that filter attacks such as SQL injection and cross-site scripting. ORBIT analyses your exposure, configures the protection, tunes it against real traffic and operates it after go-live. We start by analysing your current security situation and identifying the specific vulnerabilities and requirements of your applications, so the result is a plan tailored to your needs rather than a template ruleset. Our team then configures the rules and policies and integrates the WAF with your existing infrastructure. Thorough testing verifies the protection works and lets us tune it against real traffic, so attacks are blocked and legitimate users are not. We can continue to review rules as your applications change and keep the ruleset current, or hand over fully to your team. Delivered by architects and engineers with extensive experience from large cloud projects in the financial sector.

    Overview

    Secure web application operation — not only in AWS.

    Public-facing applications are probed continuously, and a single unpatched input is enough to expose the data behind them. AWS WAF protects your web applications against common exploits and vulnerabilities using customisable rules that filter attacks such as SQL injection and cross-site scripting. ORBIT analyses your exposure, configures the protection, tunes it against real traffic and operates it after go-live.

    WHY AWS WAF

    Robust protection against threats. Advanced security features protect your web applications from common web exploits and vulnerabilities.

    Scalability and flexibility. Protection adapts to minimal or surging traffic without compromising the performance of your applications.

    Cost-effectiveness. A pay-as-you-go pricing model means you can implement comprehensive security measures without facing unnecessary costs.

    Integration with AWS services. AWS WAF deploys seamlessly within your existing infrastructure rather than sitting beside it.

    Simple administration. An intuitive interface and pre-configured rules keep day-to-day operation straightforward for your team.

    HOW WE DELIVER

    Analysis and planning. We start by analysing your current security situation and identifying specific vulnerabilities and requirements. The result is a plan tailored to your needs — not a template ruleset applied to every customer.

    Configuration and deployment. Our AWS team configures AWS WAF and sets the rules and policies that protect you from cyber threats. We ensure the deployment is seamless and that the WAF integrates cleanly with your existing infrastructure.

    Testing and optimisation. Through thorough testing we verify that AWS WAF effectively protects your applications, and we make the adjustments needed to optimise performance and security. This is where most WAF projects succeed or fail: rules that are never tuned against real traffic either block legitimate users or get switched off entirely.

    Continuous administration and support. Protection is not a one-off deployment. We review rules as your applications change, respond to emerging threats and keep the ruleset current, so the WAF still reflects your risk months after go-live.

    WHY ORBIT

    A highly specialised team of architects and engineers focused on cloud modernisation and security projects, with extensive experience from large companies and cloud projects in the financial sector. Our specialisations are financial institutions, cloud architecture, security solutions, cloud compliance and cost optimisation. The AWS practice is led by Martin Gavanda, AWS Cloud Architect Lead at ORBIT.

    Security work for regulated customers is held to a different standard, and that is the environment we work in every day. Banks and insurers make up much of our client base, which shapes how we approach evidence, documentation and handover.

    Customers include Accace, Czech Savings Bank, Creditas, DR. Max, E-on, Erste Group, Generali, J&T Bank, KB, MONETA Money Bank, NLB, O2, Raiffeisenbank, SKB Bank, Skoda, Societe Generale, Tatra banka, Volkswagen and Zentiva.

    "With the resulting solution we are able to easily and quickly identify resources that require attention." — Radim Jablonka, Cloud services delivery manager, MONETA Money Bank

    HOW WE ENGAGE

    This is a professional services offering, so the scope is always tailored to your applications, threat model and operating model. We begin with analysis and planning, agree the approach with your team, configure and deploy alongside your engineers, then test, tune and hand over. Ongoing administration and support can be included or the protection can be transferred fully to your team.

    Scope, deliverables, timelines and commercials are captured in a Statement of Work agreed with you and transacted through AWS Marketplace as a private offer. Contact us to arrange a no-obligation scoping call.

    Highlights

    • Protection tuned to your traffic, not a template. We analyse your current security situation, identify the specific vulnerabilities and requirements of your applications, then configure AWS WAF rules and policies that filter attacks such as SQL injection and cross-site scripting. Thorough testing verifies the protection works and lets us tune it against real traffic, so attacks are blocked and legitimate users are not — and it scales with surging traffic without compromising performance.
    • Built and operated by a team that works in regulated environments. ORBIT's architects and engineers specialise in cloud security, compliance and cost optimisation, with extensive experience from large companies and cloud projects in the financial sector — among them Tatra banka, Raiffeisenbank, MONETA Money Bank and Erste Group. We do not stop at deployment: we review rules as your applications change, respond to emerging threats and keep the ruleset current, or hand over fully to your team.

    Details

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support