Garphic Airlock Secure Access Hub

Airlock Gateway 7.7 and Microgateway 3.0

Airlock Gateway 7.7Airlock Microgateway 3.0

Airlock Gateway 7.7 offers improved anomaly detection. The Airlock Anomaly Shield is now also visible in the GUI. In addition, keys for JSON Web Tokens (JWT) can now be updated dynamically. 

Airlock Anomaly Shield

The Airlock Anomaly Shield uses machine learning technologies to detect anomalies in sessions and react to them with appropriate actions. This approach is particularly suitable for reliably detecting automated accesses such as those from botnets or web crawlers, because they exhibit different access patterns than "real" users. The Anomaly Shield is trained directly on the data of the protected application and is therefore optimally adapted to the protection of these applications. 

With the new release, the Anomaly Shield becomes visible in the GUI. The service, applications, patterns and rules can be conveniently administered in the Configuration Center. In addition, the anomaly scores of sessions are now visible in reporting dashboards.

Dynamic Updates for JSON Web Token (JWT) Keys

Airlock Gateway evaluates JSON Web Tokens (JWT) for intelligent access control. The keys used for encryption and signing of JWTs can now be retrieved dynamically from trusted JWKS (JSON Web Key Set) services on the Internet. Hence, the lifecycle of the keys can be controlled centrally by the JWKS service without having to update the Airlock Gateway configuration. External identity providers can thus be connected to Airlock Gateway quickly and easily. Another advantage of JWKS is the possibility of key rotation: The key server updates its key pairs regularly to keep the attack window as short as possible even if the private key is stolen.

New metrics interface for improved monitoring

Monitoring of security components is an important task. Information about service health, traffic, or technical statistics, such as the number of blocked attacks, should be accessible dynamically from the outside. Tools such as Prometheus allow a quick overview of all deployments. Airlock Gateway now offers the most important information about its status in its own metrics interface.

Further improvements

There are many other improvements in the new release, such as accelerated activation of IP address changes or an OpenAPI specification of the configuration REST API.

For a complete overview and detailed changelog, please refer to the release notes.

Airlock Gateway 7.6 is available now.

Airlock Microgateway 3.0

Airlock Microgateway 3.0 contains the new security engine of Airlock Gateway 7.7! Therefore, the Microgateway shares the ability to dynamically update keys for JSON Web Tokens (JWT). The so-called JSON Web Key Sets (JWKS) can be obtained from trusted servers on the intranet or Internet.

For simplified configuration, we provide a YAML schema that can be imported into the development environment. Hence, the development environment knows the format of the Microgateway configuration files and supports the developer by means of syntax checks and code completion. Furthermore, documentation for the keywords and attributes used is displayed directly. 

The Community Edition of the new Microgateway is available for testing free of charge.

Airlock Microgateway 3.0 is released.

Release Webinar

Recording of the release webinar
for Airlock Gateway 7.7 and Microgateway 3.0

Information for you

-Our whitepapers-

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 

Fill out the form now and receive Executive View!

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge