To detect anomalies, the Anomaly Shield must be configured and initially baseline-trained for each application separately. After training, the Anomaly Shield can analyze request traffic patterns of web sessions and generates anomaly information continuously as new requests arrive. The Airlock Anomaly Shield enforcement logic uses configured patterns against the anomaly information to determine the appropriate actions for each session.
Note that Airlock Anomaly Shield applications are a synonym for an Anomaly Shield setup for a back-end/back-end application. In most cases, you may want to have multiple Anomaly Shield applications set up to shield your back-end services.