Waf Charm


Press release

WafCharm Offers Breakthrough Automation of AWS WAF, Bolstering Cybersecurity for Business Amid Ongoing Global Attacks

Cyber Security Cloud’s WafCharm service increases ops efficiency and ease of use for AWS Web Application Firewall (WAF) with AI-driven optimization that counters emerging cyber threats.

Cyber Security Cloud, Inc. (CSC), the world’s leading innovator in cyber threat intelligence and AI-driven web security, today announced that its WafCharm service fully manages AWS WAF operations and automatically optimizes rules for AWS WAF to help address web-related cyberattacks against business and critical government infrastructure increasing worldwide. WafCharm is the only service on the market that automatically builds, tests and tunes AWS WAF rules, and continuously defends against zero-day threats.

While WafCharm provides protection from the OWASP 10 — the most critical security risks to web applications — it also automatically implements new rules in response to zero-day vulnerabilities researched by CSC’s leading threat intelligence team, Cyhorus.

Toshihiro Koike, CEO of CSC, explained, “As the demand for web security increases worldwide, operating WAF with high accuracy has become a key issue for many businesses and web service providers. Our product, WafCharm, is an innovative solution enabling anyone to protect their web services easily and safely. Companies should be able to focus on innovation and value creation, without worrying about managing their WAF rules. We look forward to reaching those who want to reduce costs and effort while maintaining accuracy in security to better protect their environments.”

WAF Rules Are Notoriously Difficult to Operate

Without expert WAF knowledge and full-time security engineers, even seasoned teams can have trouble creating optimal rules within the AWS WAF service and using them across AWS CloudFront distributions or other CDNs.

Typical issues for customers include rule creation that does not interfere with applications, uncertainty around the effectiveness of applied rules and whether they are actually preventing attacks, having sufficient time to understand a new vulnerability before exploits occur, and dealing with false-positives after WAF operation is underway.

“The use of WafCharm has made the operation of AWS WAF, which was difficult until now, very convenient,” said Kunihiro Okamato, general manager of development at Coconala. “I’m not exaggerating when I tell you that this was the perfect solution for us. By leaving AWS WAF operation to WafCharm, we no longer need to devote our internal resources to security measures. We also feel extremely satisfied with the extensive support system for any requests or concerns. We really appreciate the efforts Cyber Security Cloud put forth in resolving issues that we wanted to respond to as quickly as possible.”

Infrastructure team leader at Hachidori, Yosuke Matsuura, said, “My honest impression of WafCharm is that it’s very easy to use. With it, you don't have to deal with complex manual deployment details. Most of all, I'm happy that it doesn't become a burden on my work.”

AI-Driven Security and WAF Know-How Address New Norms

With COVID-forced shifts to remote work and the continuation of hybrid work models in 2021 and beyond, cybersecurity vulnerabilities have risen across businesses in almost every vertical and around the world. Cloud management services accelerate the speed of security development amid these new norms, but as systems become more scalable and distributable, they face new levels of threat. CSC’s AI engine performs deep learning on massive data sets in the cloud to discover new forms of cyberattacks and improve WAF rules implemented with WafCharm.

CSC has honed its WAF rules expertise and operations know-how through the development of its own cloud-based web security service called “Shadankun,” which blocks external cyberattacks and protects websites from personal information leakage, falsifications and service disruption, among other threats.

For both “Shadankun” and WafCharm customers, Cyhorus is a distinct advantage. As one of the most sophisticated threat intelligence and research teams in the world, Cyhorus uses cyber threat intelligence analytics that leverage extremely fast vulnerability response speeds.

WafCharm Features Emphasize Ease of Use

WafCharm only takes a few minutes to implement, then all AWS WAF operations are automated, including the handling of new vulnerabilities that surface around the world and may impact customer deployments anywhere. WafCharm is built for ease of use, offering:

Easy installation and operation — It’s not necessary to install any special equipment or switch a DNS. WafCharm automatically selects the optimal rules/signatures, but allows customers to fix those that they do not want changed automatically.
No required customer correspondence — Security experts monitor customer deployments and quickly create and apply new rules/signatures when dealing with new vulnerabilities in the threat landscape.
Optimal protection for everyone — For any deployment leveraging AWS WAF, Wafcharm enables automated selection of optimal rules/signatures.
Better security with hundreds of signatures — Since there is a possibility of leakage with limited numbers of rules, WafCharm rematches access data with hundreds of rules/signatures; attack sources identified by rematching are blacklisted automatically.
Robust reporting and notifications — Via AWS Kinesis Data Firehose, S3 and Lambda, WafCharm support can help customers generate reports from the WafCharm management screen.

Register for a free trial of WafCharm starting on June 1, 2021. The free trial period continues through the end of August 2021.

About Cyber Security Cloud Inc.

Cyber Security Cloud’s mission is to create a secure cyberspace that people everywhere can use safely. In more than 70 countries, CSC provides web application security services that leverage the most effective cyber threat intelligence and AI-driven security technology available. As one of the very few Amazon Web Services (AWS) WAF Managed Rules Sellers in the world certified by AWS — the cloud giant that holds almost half of the global cloud market share — CSC uniquely optimizes and automates rules best suited to each customers’ AWS deployments as new cyber threats emerge. CSC also offers its powerful WAF solution for Microsoft Azure and other clouds. Leading cybersecurity improvements worldwide, CSC continues to develop and refine award-winning technologies and security solutions that contribute to the information revolution.

To learn more, please visit https://www.cscloud.co.jp/en/.