Real-time protection via REST API

Block attacks before they take down your application

FireFastify detects Brute Force, SQL Injection, XSS, DDoS and more — and blocks the attacker in real time. One line of code. Any language. Free to start.

Protect my application for free I already have an account

Protecting applications worldwide

...
Events analyzed
...
IPs blocked
...
Applications protected
★★★★★

"Integrated into Laravel in 10 minutes. That same day it blocked a brute force attack that had been going unnoticed."

Rafael S. · Full Stack Developer
★★★★★

"Simple API, clear docs and the free plan already solved my problem. When I need more, I'll upgrade."

Ana C. · DevOps · SaaS Startup

Everything you need to protect your application

Smart detection, automatic blocking, and real-time alerts

Brute Force & Credential Stuffing

Automatically detects and blocks brute force attacks and credential stuffing using configurable threshold rules.

SQL Injection & XSS

Identifies SQL injection and Cross-Site Scripting patterns in real time with immediate IP blocking.

Port Scan & DDoS

Recognizes port scanning and abnormal traffic spikes, blocking attackers before they cause damage.

Geolocation & Reputation

Every IP is analyzed with geolocation data, reputation score, and verification against threat feeds.

Alerts & Webhooks

Receive e-mail alerts and configure webhooks to integrate with Slack, Discord, PagerDuty, or any system.

Simple REST API

Integrate in any language with a single HTTP call. Complete documentation and ready-to-use examples.

Integration in 3 steps

From sign-up to active protection in less than 5 minutes

1

Create your account

Free sign-up, no credit card required. Free plan with 500 requests per day.

2

Generate your API key

Create an API Key in the dashboard with the desired permissions.

3

Send events

Call the API on each request and receive the block decision in milliseconds.

# Check if an IP is blocked curl -X GET https://firefast.mantovanitec.com/api/v1/check \ -H "X-Api-Key: ff_suachave" \ -G -d ip=203.0.113.42 # Register a suspicious event curl -X POST https://firefast.mantovanitec.com/api/v1/events \ -H "X-Api-Key: ff_suachave" \ -H "Content-Type: application/json" \ -d '{"ip":"203.0.113.42","event_type":"brute_force","severity":"high"}'

Plans & pricing

Start free. Scale as you grow.

Free
R$ 0
For personal projects and testing
  • 500 requests/day
  • 7 days of history
  • 3 detection rules
  • 0 webhooks
  • E-mail support
Start for free
Starter
R$ 19,90/mo
For production applications
  • 1.000 requests/day
  • 15 days of history
  • 5 detection rules
  • 1 webhooks
  • E-mail support
Get started
Pro
R$ 49,90/mo
For teams and critical systems
  • 10.000 requests/day
  • 30 days of history
  • 20 detection rules
  • 3 webhooks
  • Priority support
Activate Pro
Business
R$ 129,90/mo
For high demand and compliance
  • 50.000 requests/day
  • 90 days of history
  • 50 detection rules
  • 5 webhooks
  • SLA & dedicated 24/7 support
Get started
Enterprise
R$ 499,00/mo
For large operations and mission-critical
  • Unlimited requests
  • 365 days of history
  • Unlimited rules
  • 10 webhooks
  • SLA & dedicated 24/7 support
Talk to sales

Created by

Luiz Ricardo Mantovani da Silva
Founder · Mantovani Technology and Innovation
profluiz.mantovanitec.com

Protect your application now

Get started free in less than 2 minutes. No credit card required.

Create free account