Edgio AppOpsEdgio DeliveryEdgio StreamingContact SalesContact SupportResourcesInvestorsCareersDeliveryApp EdgeEdgeJS (CDN-as-code)ObservabilityTraffic SplittingGlobal CDNFull-Stack EnvironmentsFeature ManagementBranch PreviewPredictive PrefetchServerless ComputeGraphQL CachingImage OptimizationApp PlatformWeb Application FrameworksIterative MigrationApp SecurityWAF, DDoS, Bot Management and API ProtectionDevelop fasterRelease with confidenceRun sub-second sitesProtect your appSimplify, save and evolveSecurityStreamingExpert ServicesEdge Cache for ISPsAccelerated DevelopmentInstant Page LoadsNext-Gen Web CDNGlobal CDNWeb SecurityDocsContact SalesApp EdgeApp PlatformApp SecurityBranch PreviewEdgeJSFeature ManagementFull-stack EnvironmentsGlobal CDNGraphQL CachingImage OptimizationIterative MigrationObservabilityPredictive PrefetchServerless ComputeTraffic SplittingWAF, DDoS, Bot ManagementWeb Application FrameworksDeliveryStreamingSupportResource CenterBlogJavaScript JamDeveloper DocsChangelogForumAboutLeadership TeamCareersInvestorsNewsroomContact UsTerms of ServicePrivacy PolicyAcceptable Use PolicyData and Protection AddendumInvoice MethodologiesPrivacy ShieldWebsite Disclaimer
Blog

Layer0 Security: New WAF and Bot Detection Capabilities

By: John Swedlund | February 1, 2022
Print Article

When Limelight acquired Layer0 last year, we took a big step forward in our capabilities as a full-service edge services platform. With the closing of the acquisition, we re-launched Layer0 on the Limelight backbone in Q4 as our flagship AppCDN product for website and application delivery.

We knew that in having a cutting-edge AppCDN platform - that can deliver both monolithic and headless/Jamstack applications, we needed a strong security platform that our customers could deploy quickly and confidently. Previously we used EdgeJS logic to allow developers to deploy security features to help protect their applications. We’ve taken those capabilities a step further today.

Today, we’re excited to announce the launch of the Layer0 Security Platform. Layer0 customers can now sign up for the Layer0 Security Platform features integrating DDoS, WAF, and Bot management solutions for web applications. The Layer0 Security platform sits on the Layer0 by Limelight backbone and ensures that applications will remain secure without sacrificing performance.

Why did we do it?

Being able to deliver a wide variety of highly performant traffic to every corner of the world is only part of what a customer demands from its CDN. Listening to your feedback, we understand that web and application security and your peace of mind is also top priority in this day and age, especially for enterprise sites.

Limelight has been a leader in delivering content for over two decades and now, with Layer0 Security, there is no need for your developers to manually integrate it into your edge logic. We’re taking the necessary steps to ensure our customers have the ability to quickly deploy security products and keep applications safe from a wide variety of vulnerabilities and threats.

Tell me about the product!

Let’s start with one of the most important items we know our customers will ask about; everything within Layer0 Security is a fully PCI-DSS compliant solution and meets both GDPR and CCPA compliance standards.

We’ve deployed the Layer0 Security platform within our own network. This means Layer0 customers have a single pane of glass to control all of their services that sits within our highly performant Layer0 by Limelight backbone. We’ve long held onto the standard that DDoS protection should be a no-brainer for CDN customers. When you sign up with Layer0, our DDoS protections are automatically enabled and start protecting your account as soon as it is active.

Limelight’s high-bandwidth, globally distributed network is built to inspect and repel a wide variety of network layer DDoS attacks keeping your resources healthy and protected. We worry about the network so you don’t have to. Going beyond DDoS, we needed the ability to deploy a Web Application Firewall (WAF) to keep traffic safe from more complex threats. To solve for that, we created the Layer0 WAF and loaded it up with a wide variety of managed rule groups that a customer can deploy based on their application. The Layer0 WAF managed rule sets protect against a wide variety of attacks such as OWASP Top 10 vulnerabilities, Log4J threats, PHP object injection, SQL injections and other threats. You can enable these as broad rule groups or on a rule-by-rule basis to stop attackers in their tracks.

The final leg of defense we’re releasing is a set of Bot Management rules that our customers can deploy within the Layer0 Security platform. These rules allow customers to detect and manage a wide variety of bots that query their applications and consume valuable resources.

The managed bot rules capture the results of analyzing billions of requests to identify and block bad bots while allowing the good ones. Whether they are SEO, search engines, bad data centers, social media, or scraping bots - we give you the ability to flag those and stop them if the bot traffic is unwanted.

What’s next?

This is the first major security release for Layer0 this year but rest assured it won’t be even close to our last.  We’re investing heavily in security and have a 2022 roadmap that is full of enhancements and additional products we are working to deploy.

Keep an eye on the Layer0 blog and newsletter for updates.

Explore Edgio Solutions

Get the information you need. When you’re ready, chat with us, get an assessment or start your free trial.