Skip to content

Wallarm Subscription Plans

Wallarm is the only solution that unifies API discovery, risk management, real-time protection, and testing capabilities to protect your entire API portfolio in multi-cloud, cloud-native and on-premise environments. You can easily choose the set of functionality that best suits your needs.

Core subscription plans

Cloud Native WAAP - WAAP (Web Application & API Protection) subscription provides web applications and APIs with protection against common threats such as SQLi, XSS, brute force, etc. It supports all API protocols but does not cover some specific API threats.

WAAP + Advanced API Security. This bundle enhances general WAAP capabilities with comprehensive API Security tools to cover all OWASP API Top-10 threats.

Security Testing. This bundle helps you proactively uncover security vulnerabilities in your applications and APIs before attackers do.

Feature WAAP WAAP + API Security Security Testing
Real-time protection
DDoS protection (L7) Yes Yes No
Geo/source filtering Yes Yes No
IP reputation feeds Yes Yes No
Attack stamps (SQLi, XSS, SSRF, etc.) Yes Yes No
Customer defined signatures Yes Yes No
Virtual patching Yes Yes No
Brute force protection Yes Yes No
Forced browsing protection Yes Yes No
Distributed rate limiting Yes Yes No
BOLA protection Manual triggers Automated protection No
API Abuse Prevention (bot management) No Yes No
Credential Stuffing Detection No Yes No
API Specification Enforcement No Yes No
GraphQL security policies No Yes No
Enumeration attack protection No Yes No
Mitigation controls No Yes No
Security posture
API Attack Surface Management (AASM) No Yes No
Vulnerability assessment Yes Yes No
API Sessions No Yes No
API Discovery No Yes No
Sensitive data detection No Yes No
Rogue API Detection (shadow, orphan zombie) No Yes No
Security testing
Threat Replay Testing No Yes Yes, with API Security
Schema-Based Security Testing No No Yes
Additional options
Self-hosted Node deployment All All No
Security Edge No No No
Integrations All All All
Number of users Unlimited Unlimited Unlimited
SSO authentication Yes Yes Yes
Role-based access control (RBAC) Yes Yes Yes
Multi-tenant Yes (by request) Yes (by request) Yes (by request)
Period of event storage 6 month 6 month 6 month
Support Standard/
Advanced/
Platinum
Standard/
Advanced/
Platinum
Standard/
Advanced/
Platinum

To activate the subscription plan, contact sales@wallarm.com.

API Attack Surface

Relations to other plans

This subscription plan:

The API Attack Surface subscription plan provides a comprehensive view of publicly exposed APIs and related information with zero deployment and minimal configuration.

The subscription plan provides the API Attack Surface Management (AASM) product which includes:

To activate the subscription plan, do one of the following:

  • If you do not have Wallarm account yet, get pricing information and activate AASM on the Wallarm's official site here.

    When activating, scanning of the used email's domain starts immediately while you negotiate sales team. After activation, you can add additional domains to the scope.

  • If you already have Wallarm account, contact sales@wallarm.com.

Security Edge (Paid Plan)

Relations to other plans

This subscription plan:

The Security Edge subscription plan allows you to deploy the Wallarm node on the managed environment, eliminating the need for onsite installation and management.

With Wallarm handling node hosting and maintenance, you can focus on your core infrastructure while benefiting from robust traffic filtering, attack detection, and secure communication - all backed by Wallarm.

Available Security Edge deployments include:

To inquire about this subscription, please contact sales@wallarm.com.

Security Edge Free Tier

For smaller companies and educational purposes, Wallarm offers the option to create a Security Edge Free Tier account yourself. You can choose the Wallarm cloud that best suits your storage preferences:

The Security Edge Free Tier account allows:

  • Security Edge functionality, with some feature limitations.

  • Process up to 500 thousand requests per month with no limitation in time.

  • Access to the Wallarm platform as Advanced API Security, except for the following:

If a Free Tier account exceeds 100% of the monthly quota, your access to the Wallarm Console is disabled, along with all integrations. When reaching 200%, protection on your Wallarm nodes is disabled. These restrictions will be in effect until the first day of the next month.

To remove all restrictions, contact sales@wallarm.com.