Garphic Airlock Secure Access Hub

Airlock Gateway 8.2

Airlock Anomaly Shield

With Gateway 8.2, Anomaly Shield can analyze the behavior of browser clients to distinguish bots from humans. This is done transparently for the user and thus avoids the negative effects of CAPTCHAs on user-friendliness. This feature is called Client Behavior Analysis and is offered as a new model.

The configuration of the Anomaly Shield has been optimized and simplified with several measures. For the initial configuration of the Anomaly Shield, a recommended default configuration with triggers and rules is now offered directly in the Configuration GUI. This default configuration corresponds to the recommendation from the documentation and no longer needs to be entered manually. 

During operation, all ML models should be retrained again and again to ensure that changes in the behavior of the attackers are detected by the models and to prevent more false positives from occurring over time. To minimize the operational effort for retraining, it is now possible to configure whether all models should be regularly retrained and also applied immediately. 

Policy Learning

In a productive environment, there are typically many blocks. Finding the false positives among the true positives among the many blocks is no easy task. For this reason, Policy Learning in Airlock Gateway 8.2 has been expanded to include the filters "Authenticated Sessions only", "Max. attack type per IP" and "Source Country" to make the admin's work easier. Blocks that are displayed after applying the new filters are very likely to be false positives.

OpenAPI Enhancements

Services with APIs are the future of web applications. Technologically state-of-the-art for some time now, APIs are even required by regulations, such as the EU-wide directive for the financial industry PSD2. Such public APIs have a particularly high protection requirement, as they allow direct access to sensitive business data.

OpenAPI support in Airlock Gateway 8.2 has been extended to include "application/x-www-form-urlencoded". Airlock Gateway now offers even more protection for back-ends and APIs, validates requests and blocks non-compliant requests.  Manually configured or learned security policies become obsolete, as updated specifications can be supplied automatically with service updates. This is a win-win for security and operations: precise allowlist rules for API access, automatically updated!

Post-Quantum Cryptography: PoC

Security is very important to Airlock. That's why we follow topics such as post-quantum cryptography with an eagle eye. In order to gain experience in customer environments, we have started a research program with selected customers. Customers and partners who are also interested are welcome to contact us to take part in this research program. 

HSM

Airlock Gateway supports the two largest NetHSM manufacturers, Entrust nShield and Thales Luna HSMs. Among other things, HSMs are useful for additional protection of private keys for HTTPS. The higher level of protection is achieved by the fact that the keys generated in the HSM cannot be read via software interfaces. Examples of why this additional security measure makes sense are vulnerabilities such as Heartbleed or Shellshock.

Thales Luna Network HSM 7 and Entrust nShield Connect are now supported.

Hardened filter rules thanks to Bug Bounties

The Airlock Airlock Bug Bounty Program is running successfully since 2020, and it has once again produced numerous security improvements.

Updating is easy

Airlock Gateway 8.2 is available on Airlock Techzone.

The update to this minor version does not require any manual adjustments: Your existing configuration can be activated without any problems. You can find a complete overview of all new features and corrections in the release notes.

Airlock Gateway 8.2 Release Video

In our release video you learn all the details about Airlock Gateway 8.2

Information for you

-Our whitepapers-

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 

Fill out the form now and receive Executive View!

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge