Service Protection (WAF)

Our platform is protected by an industry-leading Web Application Firewall (WAF) provided by our partner, Cloudflare, a global leader in web security. The WAF acts as a powerful shield, operating on a global edge network to filter all traffic before it reaches our core infrastructure. This proactive defence is a critical component of our strategy to ensure the stability and security of the MessageFlow service.

Key benefits of our WAF implementation include:

• DDoS Mitigation: The WAF automatically detects and mitigates large-scale Distributed Denial-of-Service (DDoS) attacks of all types. By absorbing and filtering malicious traffic at the network edge, it ensures that our platform and API remain available and responsive, even during an attack.

• Protection Against Common Vulnerabilities: It provides robust protection against the most critical web application security risks, as defined by the OWASP Top 10. This includes defending against common attack vectors such as SQL injection (SQLi), cross-site scripting (XSS), and other attempts to compromise the application layer.

• Intelligent Bot Management: The WAF intelligently identifies and blocks malicious automated traffic. This prevents bad bots from scraping content, attempting credential stuffing attacks, or otherwise abusing our services, while allowing legitimate bots (like search engine crawlers) to pass through.

See our full list of Sub-processors.