WAF for Kubernetes
Wallarm’s Cloud Native WAF automates application protection and security testing. Installed directly on an NGINX Ingress controller, Wallarm protects containerized applications, microservices, and APIs powered by Kubernetes cluster and running on private and public clouds.
Protect Cloud Native apps
  • XSS, XXE, SQL Injections, RCE and other OWASP Top 10 threats
  • Brute-force attacks, dirbusting, and account takeover (ATO)
  • Application abuse and logic bombs
  • Bots
No manual rule configuration
  • Eliminate false positives without tuning
  • 90% of customers use Wallarm Kubernetes WAF in blocking mode
  • Signature-free rules are created automatically and customized for every application
Easy deployment in Kubernetes
  • Robust, fast, highly available filtering nodes
  • Support Kubernetes NGINX Controller / NGINX Plus Controller
  • Install as a sidecar Docker container within the k8s pods.
  • Deploy in AWS, GCP, Azure or any cloud
Wallarm WAF for Kubernetes
Integrates with existing infrastructure

Deployment options

Dynamic module:

NGINX / NGINX PlusKongKubernets Ingress

Reverse Proxy:

DockerLinux Package

API and Integrations

Full open API:

Operational controlsData retrieval

Out-of-the-box integrations:




Certified environments

Public clouds:




Private / Hybrid clouds:

VMmware VMDocker / Kubernetes
We tried to use mod_security, but there was a lot of pain with the complicated rules / signatures and non-stop false positives.
The environment is very dynamic, and there are a lot of applications and APIs to protect, so we needed a solution that is automated, self-tuning, and centrally managed.
Wallarm was able to profile the normal operation the web infrastructure and identify the application-layer (L7) DDoS attack.
Schedule a live product demo
Got it! Thanks for your interest. We will contact you shortly.
I'm interested in:
Available Resources