Frequently Asked Questions

Is there a service level agreement for Call Support and Incident Response?

We don’t have one currently written up but we can draft one based on your needs.

Uploading information to Wafris Hub makes things a little tricky for healthcare providers, how do you handle data?

Wafris is not intended to be a data warehouse. Request data that comes in expires after 24 hours. If there is data you're concerned about, we have the ability to obfuscate it before it hits our data stores.

What hours are available for Call Support?

We usually are around 7am to 5pm EST time but we’ve also accommodated our customers by scheduling meetings according to their time zones.

What sort of turn-around is expected for Incident Response?

Within 24 hours but usually we can get on a call within a couple of hours depending on the severity.

I’m assuming your Geoblocking feature is IP-based? How often is the geo database updated?

Every night.

Is Reputation Blocking the feature that can identify tor exit nodes, known ip proxies, and those rule sets shown in the demo? Or is it the “grade” given to IPs?

Those two things overlap. Our “grade” is based on data for exit nodes, known proxies, etc. When reputation block is enabled we do a block all on all IPs with a low grade.

If we integrate Wafris into our Rails app, is the interface hosted at hub.wafris.org or on our app servers?

At hub.wafris.org

We currently have Rack::Attack installed. Does Wafris replace the need for that or can they work together?

They work side by side. We have an article of the transition: Migrating to Wafris from Rack::Attack. Bottom line is that you can have Wafris sit before Rack:Attack in the middleware stack that way it will at least store request data. Then you can gradually migrate your rules from Rack::Attack to Wafris as you want.

You don't have to be a security expert

Start defending your web application today.

OSS / Personal Plan

Pro Plan