Description
FortiWeb AI-Powered Web Application Firewall for Web Apps & APIs
FortiWeb is a Web Application Firewall (WAF) that protects web applications, APIs, and mobile back-end services from common exploits and zero-day threats. It combines traditional WAF controls (signatures, IP reputation, protocol validation) with a second layer of machine-learning detection to block real attacks while minimising false positives.
Key Highlights
-
AI/ML threat detection that separates benign anomalies from actual attacks (reduces false positives)
-
API discovery + protection using ML, with schema validation (OpenAPI / JSON / XML) and CI/CD-friendly updates
-
Advanced bot mitigation (credential stuffing, scraping, automated abuse) with tracking + CAPTCHA when needed
-
Client-side protection to detect/block malicious JavaScript in browsers (supports PCI DSS 4.0 controls)
-
Security Fabric integration (works with FortiGate / FortiSandbox / FortiGuard intelligence) and virtual patching via third-party scanners
Deployment Options
Available as appliance, VM, cloud, SaaS, and container, supporting common environments (on-prem, hybrid, public cloud).
Performance Snapshot (Appliances)
-
100F: up to 100 Mbps
-
400F: up to 500 Mbps
-
600F: up to 1 Gbps
-
Higher models scale up to multi-Gbps throughput for larger environments.
View data sheet: FortiWeb Data Sheet