Helps us to monitor situations in regards to attacks to our sites and prevents a lot of them.
The most powerful feature is the ability to first learn what type of query to make to your web application when it is attacked and what type of query creates a false positive to your app. You can first learn Wallarm in monitoring mode, then turn it on blocking mode. It is a cool feature and helps a lot to not block real users and only block robots and attackers.
The biggest problem for us was the stability and speed using the first version of Wallarm. Now, it is fine.
Yes, but with newer versions, the number of issues with stability has been going down.
They have good technical support. It is still not perfect, but much better than in the first version of product.
Yes, it was ModSecurity, but their WAF is not flexible and gives a lot of false positives because you need to create regular expressions for a lot of queries. It is hard and not useful.
The first setup was not so trivial as we suspect. There were problems with monitoring. There were problems with the setup, but the guys already solved these problems, and now it is fine.
At first, we started use Wallarm instead of our web server, but later start using Wallarm as a reverse proxy for the whole web application in our network and it is better solution for us.
Pricing must be cheaper than the competition and the licensing must be good.
Before we switched to Wallarm's first version, we tested Imperva WAF but Wallarm's results were much better than Imperva and we choose Wallarm with a big discount for first year of usage. It was really good for our needs.
Set up Wallarm as a reverse proxy. Do not replace your web server. Use Wallarm first in monitoring mode, then learn from Wallarm which type of request is false positive and which type of request is not. This process takes a couple of weeks for very highly-loaded web applications (few millions of unique visitors in one month). Then you can turn Wallarm into blocking mode and everything will be fine. Do not forget to build a monitoring system, the wave, and API for it.
Before we started using Wallarm, I already knew Ivan (CEO) and Stepan (COO) from a couple of years before. Ivan had his own security company and Stepan was working on a Russian security magazine called Xakep. They told us that they wanted to create a new WAF and already had a working version of it. They asked me to test it. We did tests, and it was really good. After few month after testing, we signed an agreement. Our choice was made not because we knew these guys for a long time, but because the product was really cool and we were glad to start using it as one of the first on the market!