Yandex Smart Web Security overview

Smart Web Security protects your infrastructure against cybersecurity threats at OSI application layer (L7). These may include DDoS attacks, bots, and SQL injections. In addition, you can enable DDoS protection at L3 and L4 using Yandex DDoS Protection.

Smart Web Security is a toolkit to protect infrastructures of various complexity and scale. Protection is achieved by cleaning malicious traffic from the incoming traffic flow. The traffic is checked against filtering rules in a security profile. You can additionally process the cleaned traffic with ARL profile rules to reduce the load on your application.

A security profile may include:

• Basic rules for simple traffic filtering based on specified conditions.
• Smart Protection rules for automatic protection against DDoS attacks with machine learning and behavior analysis algorithms.
• WAF profile rules for protection against web app or website vulnerability exploits. They block many known threats, such as SQL and command injections, cross-site scripting, and more. You can add multiple rule sets to a WAF profile, e.g., OWASP CRS, Yandex Ruleset, and ML WAF (Yandex Malicious Score).
• Built-in Yandex SmartCaptcha to run CAPTCHA checks against bots and spam.
• IP address filtering lists to allow or block requests from specified IP addresses.

An ARL profile contains rules for limiting the number of requests to the protected resource based on various conditions.

You can connect a security profile to various types of resources:

• Virtual host or ingress controller to protect resources that use Yandex Application Load Balancer.
• API Gateway API gateway to protect the APIs of your applications.
• Domain to protect your website or web application hosted in Yandex Cloud, your internal infrastructure, or other platforms.

Smart Web Security allows you to create multiple security profiles and use them to consolidate various security tools.

How it worksHow it works

Smart Web Security checks the HTTP requests sent to the protected resource via the virtual host of the L7 load balancer against the rules configured in the security profile. Depending on the results of the check, the requests are routed to the virtual host, blocked, or sent to Yandex SmartCaptcha for additional verification.

To protect your web applications against external threats, Smart Web Security also implements a web application firewall (WAF).

Advanced Rate Limiter (ARL) helps monitor and limit your web application loads.

Monitoring and auditMonitoring and audit

Smart Web Security logs are sent to Yandex Cloud Logging.

Smart Web Security metrics are sent to Yandex Monitoring.

Smart Web Security audit logs are sent to Yandex Audit Trails.

Application Load Balancer setup recommendationsApplication Load Balancer setup recommendations

To enhance DDoS protection of your applications, consider these additional tips:

• Configure autoscaling. This will allow you to dynamically adapt to the increased load and optimize traffic redistribution.
• Deploy your resources across multiple availability zones.
• Use HTTPS for secure communication: configure a listener to automatically redirect requests from HTTP to HTTPS.
• Ensure protection at the lower OSI model layer: enable basic DDOS protection at L3 and L4 to prevent some attacks at an earlier stage.

These measures, in addition to setting up Smart Web Security, will increase the resilience of your services to potential threats and ensure security of your applications.

See alsoSee also

• Cloud security in Russia: Key cyberthreat trends in 2025
• How to set up web app security with Yandex Smart Web Security
• Yandex SWS and CDN: Website protection and acceleration for businesses of any size
• What is a SOC: Cybersecurity monitoring center