Get Spherical Defense Express from the AWS marketplace.

Deploy on AWS in 1 minute, and start protecting your APIs, SaaS and Mobile applications using unsupervised deep learning.

  • No configuration
  • 1-click deployment
  • Eliminate false positives
  • $1.75 per hour
  • No data leakage off-premises

API messages in JSON or XML comprises 83% of web traffic, with only 16% now coming from browsers.

Akamai State of the Internet, 2019

Introducing Spherical Defense

Spherical Defense offers an alternative approach to WAFs and first generation API security tools.

Instead of relying on an administrator to define rules and signatures to specify good or bad application traffic, Spherical uses Unsupervised Deep Learning to develop a positive security model of your application in real-time.

Spherical learns continually as new traffic is received, and automatically adapts as your application is developed, and as user behavior changes.

Rapid Deployment

Our model is built using API requests, which may be historic data, or real time API calls. Unlike WAFs, there is no need for the creation of rules or signatures

Easy Integration

Our technology fits within your existing infrastructure, be that on premise or a private cloud; Our product is also agnostic to your choice of infrastructure

Secure and Confidential

All your data stays within your network, and our model can be built and operated without requiring any third-party access to your data

Unattended Learning

We dynamically build any number of models to protect each of your applications, without the need for user intervention

Transparent Operation

Security is provided with little or no performance degradation.


We provide fail-safe service against any single point of failure


Learning any structured machine to machine communications flows, including external weblogs, internal application logs and system logs


Holistically monitoring entire sequences of interactions between external clients, and your APIs.


The system operates autonomously, with no intervention required. No historical attack data is required; zero-day attacks are just deviations from normal. Free your team from sifting through false positives communicates.


The system is designed for the analysis of complex trees and JSON objects, which results in unparalleled accuracy and minimal false positives.

Application Use Cases

Internal Networks

Internal application-level traffic (L7) within your network


Dynamic real-time models of each API and user interactions

System Calls

Kernel system calls and OS queries

Service Mesh

Internal communications through the service mesh or kubernetes