Core WAAP is a comprehensive security solution that can be integrated into CI/CD pipelines and increases the agility and security of modern IT environments through in-depth transparency and control as well as a containernative approach. 

CHALLENGE CHALLENGE

Modern IT departments are faced with the challenge of expanding their range of applications without increasing the number of staff. Although the division of large, monolithic applications into smaller components and the increased use of microservices improve functionality and user-friendliness, they also increase the application’s attack surface. As conventional WAFs are located at the edges of the clusters, they cannot capture the internal data traffic between the pods (“east-west”). Every year, over 85% of companies experience attacks at the application level that bypass their WAF. This is becoming particularly critical as applications become ever more complex and diverse, development cycles are ever shorter and migration to the cloud – whether private or public – continues to increase.

SOLUTION SOLUTION

Our Core WAAP is a comprehensive security solution for web applications in CI/CD environments. It enables the integration of WAF rules directly into Kubernetes-orchestrated pipelines, provides detailed visibility down to pod level and supports effective security measures both locally and in the cloud. Seamless compatibility with common deployment and test tools meets the requirements for automation, flexibility and reliability. This deep integration promotes effective security measures and supports the implementation of defense-in-depth strategies through identity-based micro-segmentation and robust security policies that protect against the most common security threats such as SQL injection and cross-site scripting.

In addition, Core WAAP enables faster deployment through predefined templates, simplifies policy management and enables the implementation of zero-trust rules for workloads within the cluster. This advanced security solution increases the agility and transparency of application development and deployment through a container-native security approach designed specifically for the requirements of modern container or cloud-native application landscapes.

DEMO YOURSELF
Download Whitepaper (PDF)
Documentation
CONTACT
HIGHLIGHTS

HIGHLIGHTS

  • Seamlessly protects both cloud and legacy apps and APIs
  • Hybrid security model
  • OWASP Top 10 Protection (OWASP Core Rule Set)
  • Autolearning to reduce and avoid false positive request blocks
  • Quick and easy implementation
  • Can be easily integrated into CI/CD processes, Infrastructure as Code
  • Virtual patching protects applications from an attack due to a vulnerability for which there is not yet a patch or whose patch has not yet been applied
  • Resource-saving, scalable
  • Various options for extension (native C++, lua Script, Proxy-Wasm, gRPC)

MORE FROM OUR PRODUCT UNIVERSE

WEB APPLICATION FIREWALL (WAF)

WEB APPLICATION FIREWALL (WAF)

Managed SASE

Managed SASE

NETWORK ACCESS CONTROL (NAC)

NETWORK ACCESS CONTROL (NAC)

PENETRATION TESTING

PENETRATION TESTING

CORE WAAP

CORE WAAP

What can we do for you?

Maximum protection. Zero compromise.
+41 31 959 02 02
Send e-mail