Next-Gen WAF

Attack signal thresholds are now aggregated System site alerts monitor and flag IP addresses that exhibit repeat malicious behavior and…

The Signal Sciences platform is an application security monitoring system that proactively monitors for malicious and anomalous web traffic…

The Signal Sciences platform is an application security monitoring system that proactively monitors for malicious and anomalous web traffic…

Processors We support the following processors: Intel. All agent and module versions are compatible with Intel processors. AMD. All agent…

The Edge deployment method allows you to add the Signal Sciences as an edge security service onto Fastly's Edge Cloud Platform without…

Support is available for the Envoy Proxy via builtin Envoy gRPC APIs implemented in the sigsci-agent running as a gRPC server. Envoy v…

Signal Sciences supports multiple installation methods. You can use Fastly’s Edge Cloud Platform , you can use Signal Sciences’ hosted…

We provide the ability to configure the Signal Sciences module. The following attributes are set by default, but may need to be modified to…

Agent The Signal Sciences agent supports different combinations of operating systems and architecture types. Download the latest version of…

The Agent can be configured to run as a reverse proxy allowing it to interact directly with requests and responses without the need for a…

Header links facilitate cross-referencing Signal Sciences data with your own internal systems via a hyperlink. We currently support linking…

Site alerts monitor and handle requests from IP addresses that have been tagged with specific signals. Specifically, when the number of…

Our Module package is distributed in our package repositories, if you haven't already, configure our repository on your system. Upgrading…

Upgrading the IIS Module The process for upgrading the IIS module is the same as installing the IIS Module with the latest release…

Our Module package is distributed in our package repositories. If you haven't already, configure our repository on your system. Upgrading…

There are two types of integrations: Corp Integrations and Site Integrations : Corp Integrations Corp integrations notify you about…

Cisco Threat Response (CTR) is a tool used by incident responders that aggregates data from various Cisco security products like AMP for…

Events Feed Our Datadog event integration creates an event when IP addresses are flagged on Signal Sciences. Adding a Datadog integration…

Our generic webhooks integration allows you to subscribe to notifications for certain activity on Signal Sciences. Adding a webhook From the…

With the Signal Sciences plugin for HashiCorp Vault, you can use Vault to manage the keys for your agents. Vault is an identity-based…

Our JIRA issue integration creates an issue when IP addresses are flagged on Signal Sciences. Adding a JIRA issue integration JIRA issue…

Our mailing list integration allows you to receive email notifications for certain activity on Signal Sciences. Adding a mailing list…

Our OpsGenie issue integration creates an alert when IP addresses are flagged on Signal Sciences. Adding a OpsGenie integration Create an…

Our PagerDuty issue integration creates an incident when IP addresses are flagged on Signal Sciences. Adding a PagerDuty integration…

The PivotalTracker integration allows you to create a story anytime an event triggers. Adding a PivotalTracker integration PivotalTracker…

Our Slack message integration allows you to be notified when certain activity occurs on Signal Sciences. Adding a Slack message integration…

The generic webhook integration enables you to export notifications for certain activity on Signal Sciences directly to Sumo Logic…

Our Teams integration allows you to be notified when certain activity occurs on Signal Sciences. Adding Teams integration You can add Teams…

The VictorOps integration allows you to send a notification to VictorOps anytime activity occurs. This includes IP flagging events in…

Our entire console is built API-first — this means that anything we can do, you can do as well via our API, which is fully documented here…

Signal Sciences stores requests that contain attacks and anomalies, with some qualifications. If you would like to extract this data in…

This document demonstrates various data flows between the Module and Agent. While MessagePack is the serialization protocol, the data is…

Starting with: Agent > 1.8.386 NGINX Module > 1.0.0+343 Apache Module > 207 X-SigSci- headers are added in the incoming request. The end…

Basics Here are some answers to a few basic Signal Sciences questions. What platforms does SigSci support for the module/agent? Our…

StatsD Metrics Metrics can be reported through StatsD to the service of your choice using the statsd-address agent configuration flag…

Fastly Security Labs is a program that grants your Signal Sciences corp access to in-development beta features. In addition to early…

Term Definition Admin A user role that has limited access to corp configurations, can edit specific sites, and can invite users to sites…

Signal Sciences provides full support for IPv6 in the product, including: Detection and decisioning: Requests are appropriately tagged and…

Currently, NGINX only supports one init_by_lua or init_by_lua_file , which is used by the Signal Sciences NGINX module. If you have your…

Often the server being protected is behind a load balancer or other proxy. In this case, the server will see this load balancer or proxy IP…

Free Text In many cases, you can just enter a free-text query. Example Description /a/path/here sqli -7h Show all SQLI in last 7 hours with…

My data is not showing in the console but the agent and module are running If both the agent and module are reporting as active within the…

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security…

Apache module fails to load ( The following information has been confirmed for RHEL/CentOS deployments using the default yum module…