OCI Web Application Firewall

OracleSecurity

Layer-7 protection against OWASP Top 10 attacks (SQLi, XSS, RCE), bot traffic, and DDoS at the application layer. Edge-deployed for global protection or regional for backend-fronted apps.

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore OCI in TreemapExplore security in HoneycombSee OCI regions on the World MapSee security as a networkScore jurisdiction exposure
DocumentationPricingOCI website

Jurisdictional exposure

Provider HQ
USAustin, USA

Subject to CLOUD Act, FISA-702, DPF

Region locations
APACEEAEUUKUSOther58 regions across 6 jurisdictions
Sovereign option
Yes — 12 sovereign-flagged regions available
Full scorecard for this service →US lens detail →Sovereign cloud coverage map →

Attributes

Ga Year
2019

Sub-services (3)

Managed Rule Sets

Oracle-maintained protection signatures against OWASP Top 10 and known CVEs

Bot Management

Reputation-based and behavioural detection for bad bots; CAPTCHA challenges

Rate Limiting

Per-IP / per-token rate limits to defend against credential-stuffing and scraping

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMP

Where this runs

58 regions
27 countries
12sovereign
Sovereign regions (12)
  • EU Sovereign Spain (Madrid) · MadridOracle EU Sovereign Cloud
  • EU Sovereign Germany (Frankfurt) · FrankfurtOracle EU Sovereign Cloud
  • US Gov East (Ashburn) · AshburnOracle US Government Cloud
  • US Gov West (Phoenix) · PhoenixOracle US Government Cloud
  • US Federal (Ashburn) · AshburnOracle US Government Cloud
  • US Federal (Chicago) · ChicagoOracle US Government Cloud
  • US Federal (Phoenix) · PhoenixOracle US Government Cloud
  • US DoD East · AshburnOracle DoD Cloud (US)
  • US DoD Central · ChicagoOracle DoD Cloud (US)
  • US DoD West · PhoenixOracle DoD Cloud (US)
  • UK Government (London) · LondonOracle UK Government Cloud
  • UK Government (Newport) · NewportOracle UK Government Cloud
Commercial regions (46)

Europe (12)

  • France South (Marseille)
  • France Central (Paris)
  • Germany Central (Frankfurt)
  • Italy Northwest (Milan)
  • Italy North-West (Turin)
  • Netherlands Northwest (Amsterdam)
  • Serbia Central (Jovanovac)
  • Spain Central (Madrid)
  • Sweden Central (Stockholm)
  • Switzerland North (Zurich)
  • UK South (London)
  • UK West (Newport)

North America (8)

  • Canada Southeast (Montreal)
  • Canada Southeast (Toronto)
  • Mexico Northeast (Monterrey)
  • Mexico Central (Querétaro)
  • US East (Ashburn)
  • US Midwest (Chicago)
  • US West (Phoenix)
  • US West (Salt Lake City)

South America (5)

  • Brazil East (São Paulo)
  • Brazil Southeast (Vinhedo)
  • Chile Central (Santiago)
  • Chile West (Valparaíso)
  • Colombia Central (Bogotá)

Asia (11)

  • India South (Hyderabad)
  • India West (Mumbai)
  • Indonesia Central (Batam)
  • Japan Central (Osaka)
  • Japan East (Tokyo)
  • Malaysia Central (Kulai)
  • Malaysia West 2 (Kulai)
  • Singapore (Singapore)
  • Singapore West
  • South Korea North (Chuncheon)
  • South Korea Central (Seoul)

Oceania (2)

  • Australia Southeast (Melbourne)
  • Australia East (Sydney)

Middle East (6)

  • Israel Central (Jerusalem)
  • Saudi Arabia West (Jeddah)
  • Saudi Arabia Northwest (NEOM)
  • Saudi Arabia Central (Riyadh)
  • UAE Central (Abu Dhabi)
  • UAE East (Dubai)

Africa (2)

  • Morocco Central (Casablanca)
  • South Africa Central (Johannesburg)

Tags

securitywafowaspddosbot-management

Equivalent services on other platforms

AWS WAFAWS

Web application firewall that protects against common exploits with managed rule groups, custom rules, rate-based rules, Bot Control, and CAPTCHA challenges

Cloud ArmorGCP

Edge DDoS protection and web application firewall with managed rule sets for OWASP Top 10, adaptive bot protection, and reCAPTCHA Enterprise integration

Pricing

Pricing model:usage-based