smart-waf · live

Website security that thinks faster than the attack

Point your DNS at our EU edge and every request is filtered by dual signature WAF engines running the OWASP ruleset — within a ≤5 ms latency design budget, with a full audit trail in your portal.

EU edge WAF≤5 ms design budgetfull audit trail

Defense in depth, every layer shipped

Not one filter — a stack of them, each traceable to running code.

Dual signature WAF + OWASP rules

Two WAF engines — one in an in-process WASM sandbox, one native — run the OWASP Core Rule Set, selectable per route.

PoW → CAPTCHA → Web Bot Auth ladder

Suspicious clients escalate through proof-of-work, then CAPTCHA, then Web Bot Auth (cryptographic HTTP message signatures). Humans pass; automated abuse stalls.

ML entity-scoring with graduation

Per-entity risk scoring graduates from detection to verify to enforce, so a new signal observes before it is ever allowed to block.

See all capabilities →

From DNS change to filtered traffic

Three steps, no agent to install.

01

Point your DNS

Route your domain to our EU edge nodes. Per-tenant Let's Encrypt issues and renews the certificate automatically.

02

We filter at the edge

Our WAF engines and OWASP rules inspect every request; the challenge ladder handles bots; L3/L4 early-drop sheds confirmed floods — within a ≤5 ms design budget.

03

Clean traffic, full audit

Only clean requests reach your origin, and every decision lands in an immutable audit trail in your portal.

How it works →

EU-native, GDPR by architecture

Edge nodes run in the EU (Hetzner, OVH, Scaleway). No cookies, no third-party trackers. Data residency, configurable retention, and right-to-deletion are built in — not bolted on.

Read our trust posture →

This site runs behind our own edge

Real numbers from this very site's edge logs — regenerated at each deploy, measured on our single staging node. No live counter, no inflation.

staging · single node

2631

Requests filtered (measured window)

351

Attacks blocked

Window: 2026-07-12T07:15:13+00:00 → 2026-07-13T21:10:57.104644+00:00

Protect your site at the edge

We onboard early partners by hand. Tell us your domain and we'll take it from there.

Apply for Early Access