In the ever growing world of web-based applications and services, it’s crucial to ensure systems’ protection and functioning. Web Application Firewall solutions have become essential to control data traffic and prevent malicious activities. Most web security tools are based on a fixed set of rules designed to detect specific patterns in incoming requests. However, the increasing sophistication and variability of hacking techniques has diminished traditional WAFs effectiveness: they can only recognize already known types of attacks. Let’s see how this works. Every day, web applications and services are accessed by thousands of users. Hackers hide among them, attempting to infiltrate application infrastructures, compromise their functioning and obtain sensitive information. Hacking processes take advantage of an applications vulnerabilities and injects it with malicious code. Ordinary WAFs attempt to prevent this by analyzing and filtering the traffic according to the given rules. However, the slightest variation in a known attack is enough for traditional firewalls to fail in recognizing it as a threat. This way, a malicious request is able to evade the rules and take over the system, causing unwanted alterations in the application and even worse consequences for owners and users, like leakages of credentials, personal data, account numbers and codes. Grounded on a decade of research about machine learning and pattern recognition technologies, Attack Prophecy is designed to adapt for any web application, defining specific protection policies able to counteract both existing attacks and upcoming threats. Attack Prophecy’s activity begins by monitoring the internet traffic directed towards the web application. This analysis allows Attack Prophecy to learn the legitimate behaviors within the system, creating a unique and tailored set of rules, cross-checked by operators and constantly updated. On the basis of this model, Attack Prophecy constantly scans and compares the incoming data flow: each time an anomaly between the observed traffic and the legitimate profile is detected, Attack Prophecy prevents any further action by blocking the unusual incoming requests, effectively protecting the system from any potential threat. At the same time the suspicious activities are notified to the operators who are asked to validate and to label them either as legitimate or threats. Operators can anytime access the Attack Prophecy’s dashboard for adjusting the protection rules, as well as monitoring the application overall working status. From single servers to cloud systems, Attack Prophecy’s scalability enables integration with any environment, providing protection against common hacking techniques. These include Cross-Site Scripting and SQL Injection, as well as more advanced like Phishing; and Zero-day Attacks. Attack Prophecy also ensures an incredibly low false alarm rate. By learning, detecting and protecting, Attack Prophecy will continue to evolve and respond to any future hacking threats. Attack Prophecy, rewriting the rules of protection.