API Protect
Runtime Enforcement of API Security Policy

API Protect creates an allowlist of valid operations and input data based on the OpenAPI contract. Through an API micro-firewall it enforces this configuration on all incoming as well as outgoing transactions. Transactions that do not conform to the OpenAPI definition are automatically blocked. API Protect is aย core shield-right element of our API Security Platform

Automatically Apply Protection at RunTime

API Protect enforces API runtime protection directly in front of your APIs. The API Protect micro-firewall, is tailored to protect each API from malicious attacks. Unlike a traditional WAF-based solution, API Protect distinguishes API attacks from legitimate API traffic.

DevSecOps-UI-for-Solution-3-2

A Positive Security Model for APIs

API Protect micro firewall uses a positive security model based on strict conformity to the OpenAPI contract of the protected API. Additional security policies can also be added to the OpenAPI contract to enable company-wide security enforcement.

No manual rules, automate configuration from your CI/CD

Deploy API Protect from your CI/CD pipeline and it will automatically reconfigure each time the API changes. Our protection technology directly interprets OpenAPI definitions and constrains the API traffic on request and responses.

Icons-42Crunch-Time_2

Maximum Functionality, Minimal Latency

API Protect has been built with performance in mind and is highly optimized, it typically adds less than 1 millisecond of latency to the whole transaction, allowing you to deploy it at scale across your enterprise.

Deploy Anywhere For External & Internal API Protection

You can use our API firewall to equally protect north-south and east-west traffic. Thanks to its low footprint, it can be deployed at scale on any container orchestrator such as Kubernetes, Amazon ECS or Red Hat OpenShift(ยฎ). Our runtime is fully compatible with existing API management solutions or API gateways and with microservices-based architectures. Full support for both sidecar proxy and gateway deployment models.

Ready to Learn More?

Developer-first solution for delivering API security as code.