API Protect
Runtime Enforcement of API Security Policy

API Protect creates an allowlist of valid operations and input data based on the OpenAPI contract. Through an API micro-firewall it enforces this configuration on all incoming as well as outgoing transactions. Transactions that do not conform to the OpenAPI definition are automatically blocked. API Protect is a core shield-right element of our API Security Platform

Automatically Apply Protection at RunTime

API Protect enforces API runtime protection directly in front of your APIs. The API Protect micro-firewall, is tailored to protect each API from malicious attacks. Unlike a traditional WAF-based solution, API Protect distinguishes API attacks from legitimate API traffic.

DevSecOps-UI-for-Solution-3-2

A Positive Security Model for APIs

API Protect micro firewall uses a positive security model based on strict conformity to the OpenAPI contract of the protected API. Additional security policies can also be added to the OpenAPI contract to enable company-wide security enforcement.

No manual rules, automate configuration from your CI/CD

Deploy API Protect from your CI/CD pipeline and it will automatically reconfigure each time the API changes. Our protection technology directly interprets OpenAPI definitions and constrains the API traffic on request and responses.

Icons-42Crunch-Time_2

Maximum Functionality, Minimal Latency

API Protect has been built with performance in mind and is highly optimized, it typically adds less than 1 millisecond of latency to the whole transaction, allowing you to deploy it at scale across your enterprise.

Deploy Anywhere For External & Internal API Protection

You can use our API firewall to equally protect north-south and east-west traffic. Thanks to its low footprint, it can be deployed at scale on any container orchestrator such as Kubernetes, Amazon ECS or Red Hat OpenShift(®). Our runtime is fully compatible with existing API management solutions or API gateways and with microservices-based architectures. Full support for both sidecar proxy and gateway deployment models.

Ready to Learn More?

Developer-first solution for delivering API security as code.