Network Security

We have been developing network security software since 2008. We know a lot about network security and we provide consulting services in the area.

DDoS mitigation
DDoS protection

Being developers of Tempesta FW, an HTTPS reverse proxy with advanced application layer (L7) DDoS mitigation features, we know a lot about the modern DDoS attacks and the state-of-the-art DDoS protection open source projects.

To protect you against L7 DDoS attacks, we properly tune your web stack and the operating system, set up the most suitable open source solutions, provide you handy scripts for the logs analyzing and requests classification. We guide you how to deploy a cheap CDN-alternative solution using inexpensive public clouds to mitigate volumetric DDoS attacks.

web application security
Application security

We developed the core of the Gartner mentioned WAF. We contribute to libdetection, the most accurate library detecting SQL injections. The library is the part of a NG-WAF, Wallarm. We also develop Tempesta FW, an open source WAF accelerator.

With the significant background in the field, we can help you to set up and properly tune ModSecurity, NAXSI, Suricata, Zeek, and other open source network security software to build a solid protection of your web site.

cryptography
Cryptography

Our engineers developed and optimized performance of several VPN products based on the IPsec and IKE protocols. During our work on Tempesta TLS we improved the original mbed TLS performance for more than 40 times and reported a side channel attack vulnerability for the WolfSSL library. Tempesta TLS outperforms OpenSSL for more than 80% and provides up to 4 times lower latency.

Our expertise can be beneficial in blockchain, VPN, TLS, and other projects dealing with cryptography.