Garphic Airlock Secure Access Hub

Airlock Gateway 8.1

Airlock Anomaly Shield

A normal browser sends the received cookies back to the web server, so every request can easily be associated with the same session or user. But bots are not normal users: many bots simply ignore the session cookies sent by Airlock Gateway. Airlock Gateway 8.1 can also link a session to an IP address instead of a cookie. As a result, the anomaly detection can also identify and block attackers that do not return cookies. This significantly extends the scope of the Anomaly Shield and makes it even harder for bots and other automated attackers to attack a protected website or API.

With the query parameter model, Airlock Anomaly Shield also gets a new sensor that is particularly well suited to prevent credential stuffing or password spraying attacks. In addition, we have further optimized the performance of the anomaly detection, which significantly reduces the system load on very long sessions in particular.

GraphQL

GraphQL is a modern query language for APIs. Airlock Gateway now understands GraphQL and applies various security checks to the queries. For example, to prevent APIs from being exposed to denial-of-service attacks, Airlock Gateway checks the length and recursion depth of GraphQL queries. In addition, all GraphQL attributes are protected by Airlock Deny Rules. Regardless of whether they continue to rely on REST APIs or use GraphQL: Airlock Gateway protects your APIs!

HSM

Airlock Gateway supports the two largest NetHSM vendors, Entrust nShield and Thales Luna HSMs. HSMs are useful for additional protection of private keys for HTTPS, among other things. The higher protection is achieved by the fact that the keys generated in the HSM cannot be read via software interfaces. Examples of why this additional security measure is useful are vulnerabilities such as Heartbleed or Shellshock.

Hardened filter rules thanks to Bug Bounties

The Airlock Bug Bounty program is running successfully since 2020, and it has once again produced numerous security improvements.

Updating is easy

Airlock Gateway 8.1 was released mid of August on Airlock Techzone.

A complete overview of all new features and fixes can be found in the release notes.

Release Webinar Gateway 8.1

Recording Englisch

Release Webinar Microgateway 4.1

Recording Englisch

Information for you

-Our whitepapers-

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 

Fill out the form now and receive Executive View!

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge