Gcore WAAP

GcoreSecurity

Web application and API protection with OWASP rule sets, bot management, API schema enforcement, and rate limiting — delivered at the CDN edge with a single configuration surface

Jurisdictional exposure

Provider HQ
EULuxembourg, Luxembourg

Subject to GDPR, Data Act, DGA

Region locations
APACEUUKUSOther12 regions across 5 jurisdictions
Sovereign option
No sovereign-flagged regions in the catalogue for this service.

Sub-services (3)

OWASP rule sets

Managed signatures aligned with the OWASP Top 10 plus custom-rule support

Bot management

Behavioural fingerprinting to separate human traffic from scrapers, credential stuffers, and scalpers

API protection

OpenAPI / GraphQL schema enforcement and per-endpoint rate limits

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

Where this runs

12 regions
11 countries
Commercial regions (12)

Europe (6)

  • Paris
  • Frankfurt
  • Luxembourg
  • Amsterdam
  • Madrid
  • London

North America (2)

  • US East (Virginia)
  • US West (Santa Clara)

South America (1)

  • São Paulo

Asia (2)

  • Tokyo
  • Singapore

Oceania (1)

  • Sydney

Tags

Equivalent services on other platforms

Alibaba Web Application FirewallAlibaba

Managed WAF protecting web apps from OWASP Top 10 attacks, bot traffic, API abuse, and data scraping, with global and China regional deployment, custom rule engine, and unified consoles across Anti-DDoS and Security Center

AWS WAFAWS

Web application firewall that protects against common exploits with managed rule groups, custom rules, rate-based rules, Bot Control, and CAPTCHA challenges

Azure Application GatewayAzure

Layer 7 load balancer with integrated web application firewall, SSL termination, URL-based routing, cookie-based session affinity, and autoscaling based on traffic

Cloudflare Bot ManagementCloudflare

Machine-learning bot classification at the edge — scores every request 1-99 and exposes that to WAF rules. Distinguishes search-engine crawlers, scrapers, credential-stuffing tools, and headless browsers without breaking legitimate automation.

Cloudflare API ShieldCloudflare

API-specific security layer — schema validation, mTLS client authentication, rate-limiting per JWT subject, sensitive-data detection in responses, and API discovery / inventory that auto-surfaces unknown endpoints.

Cloudflare WAFCloudflare

L7 web application firewall protecting against OWASP Top 10 risks with Cloudflare-managed rule sets, custom expression-based rules, exposed-credentials detection, rate-limiting integration, and machine-learning attack-score signals tuned across the global traffic graph

Cloud Temple Anti-DDoSCloud Temple

Volumetric and application-layer DDoS protection for services hosted on Cloud Temple, with sub-second detection and automated mitigation across the SecNumCloud-qualified perimeter

Cloud ArmorGCP

Edge DDoS protection and web application firewall with managed rule sets for OWASP Top 10, adaptive bot protection, and reCAPTCHA Enterprise integration

Huawei Web Application FirewallHuawei

Managed web application firewall with OWASP Top 10 rule sets, bot management, anti-crawler, CC (challenge-collapsar) attack mitigation, custom rule engine, and regional deployment with integrated DDoS protection

IBM Cloud Internet ServicesIBM

Edge delivery and security bundle powered by Cloudflare, offering DNS, global load balancing, WAF, DDoS protection, CDN, rate limiting, and Page Rules through a single IBM Cloud-native control plane

OCI Web Application FirewallOracle

Layer-7 protection against OWASP Top 10 attacks (SQLi, XSS, RCE), bot traffic, and DDoS at the application layer. Edge-deployed for global protection or regional for backend-fronted apps.

Web Application FirewallT Cloud

L7 web application firewall protecting against OWASP Top 10 risks — SQL injection, XSS, command injection — with managed rule sets, custom rules, IP allow/block lists, and bot-detection heuristics tuned for OTC-hosted apps

Pricing

Pricing model:per-subscription