Gcore WAAP

GcoreSecurity

Web application and API protection with OWASP rule sets, bot management, API schema enforcement, and rate limiting — delivered at the CDN edge with a single configuration surface

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore Gcore in TreemapExplore security in HoneycombSee Gcore regions on the World Map
DocumentationPricingGcore website

Jurisdictional exposure

Provider HQ
EULuxembourg, Luxembourg

Subject to GDPR, Data Act, DGA

Region locations
APACEUUKUSOther12 regions across 5 jurisdictions
Sovereign option
No sovereign-flagged regions in the catalogue for this service.
Full scorecard for this service →EU lens detail →Sovereign cloud coverage map →

Sub-services (3)

OWASP rule sets

Managed signatures aligned with the OWASP Top 10 plus custom-rule support

Bot management

Behavioural fingerprinting to separate human traffic from scrapers, credential stuffers, and scalpers

API protection

OpenAPI / GraphQL schema enforcement and per-endpoint rate limits

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRISO 27001PCI DSS

Where this runs

12 regions
11 countries
Commercial regions (12)

Europe (6)

  • Paris
  • Frankfurt
  • Luxembourg
  • Amsterdam
  • Madrid
  • London

North America (2)

  • US East (Virginia)
  • US West (Santa Clara)

South America (1)

  • São Paulo

Asia (2)

  • Tokyo
  • Singapore

Oceania (1)

  • Sydney

Tags

wafapi-securityowaspeurope

Equivalent services on other platforms

Alibaba Web Application FirewallAlibaba

Managed WAF protecting web apps from OWASP Top 10 attacks, bot traffic, API abuse, and data scraping, with global and China regional deployment, custom rule engine, and unified consoles across Anti-DDoS and Security Center

AWS WAFAWS

Web application firewall that protects against common exploits with managed rule groups, custom rules, rate-based rules, Bot Control, and CAPTCHA challenges

Azure Application GatewayAzure

Layer 7 load balancer with integrated web application firewall, SSL termination, URL-based routing, cookie-based session affinity, and autoscaling based on traffic

Cloud ArmorGCP

Edge DDoS protection and web application firewall with managed rule sets for OWASP Top 10, adaptive bot protection, and reCAPTCHA Enterprise integration

Huawei Web Application FirewallHuawei

Managed web application firewall with OWASP Top 10 rule sets, bot management, anti-crawler, CC (challenge-collapsar) attack mitigation, custom rule engine, and regional deployment with integrated DDoS protection

IBM Cloud Internet ServicesIBM

Edge delivery and security bundle powered by Cloudflare, offering DNS, global load balancing, WAF, DDoS protection, CDN, rate limiting, and Page Rules through a single IBM Cloud-native control plane

Pricing

Pricing model:per-subscription