AI WAF Anomaly
ProDetect and mitigate zero-day vulnerabilities, API abuse, and complex injection attacks using localized machine learning models.
How Anomaly Detection Works
Standard WAFs rely on signatures (such as regex rules) to block known attack vectors like OWASP Top 10. However, novel attacks, custom prompt injection techniques for LLM endpoints, and subtle API exploitation bypass static signature checks.
AI WAF Anomaly establishes a baseline of your normal API requests (path structures, parameter types, content lengths, headers). Requests with anomalous parameters trigger a threat score. If the threat score exceeds your threshold, the request is flagged, challenged, or blocked.
Dashboard Setup & Configuration
You can configure the AI WAF Anomaly engine directly inside the EdgeWrap Dashboard:
- Navigate to your project in the dashboard at
https://app.edgewrap.pro. - Go to the Security page and select the WAF tab.
- Scroll down to the AI Security section.
- Toggle the AI Anomaly Scanning switch to Enabled.
- Define the anomalous score thresholds and enable the prompt injection shields as required.
- Click Save Settings.
API Configuration
Alternatively, you can manage the AI Anomaly detection settings programmatically:
| Param | Type | Description |
|---|---|---|
| aiAnomalyEnabled | boolean | Enable or disable machine learning anomaly scanning.(default: false) |
| aiAnomalyThreshold | number | Anomalous threshold score (0.00 to 1.00) above which requests are blocked.(default: 0.85) |
| promptInjectionEnabled | boolean | Specifically enable natural language prompt injection scanner (ideal for LLM gateway endpoints).(default: false) |
curl -X PATCH https://server.edgewrap.pro/v1/projects/prj_01jxyz/waf/config \
-H "Authorization: Bearer <your_session_token>" \
-H "Content-Type: application/json" \
-d '{
"aiAnomalyEnabled": true,
"aiAnomalyThreshold": 0.80,
"promptInjectionEnabled": true
}'