Instart, the leader in web application performance and security services, announced the Instart Web App and API Protection (WAAP) platform to deliver the most comprehensive protection against attacks on the application origin, including the APIs, the edge, and the browser.
This platform provides customers with a single cloud-based platform, powered by a single rules engine, and a unified threat intelligence system, to defend against application vulnerabilities, sophisticated bots, and browser-based attacks.
Web app and API exploits are now one of the leading vectors for data breaches, lost revenue, and brand damage. Organizations with a large web presence are battling more than just malicious traffic aiming to bring down their apps.
They now face sophisticated bots working to hurt their brand, privacy regulations that penalize them for compromised customer information, and browser-based threats that are targeting consumers through third-party code.
Each of these threats require distinctly different protection, each with its own detection and remediation methods in order to mitigate the ever-evolving attack types.
“While modern web apps bring immeasurable benefits to consumers, they also add significant complexity to IT organizations looking to secure them and protect their customers,” said Sumit Dhawan, CEO of Instart.
“Today, organizations are deploying multiple solutions with inconsistent rule sets as a way to defend against the multitude of threats attacking their online properties. Ultimately, this leads to security gaps, as intelligence is not shared between solutions. The only way to secure the full web app is to implement a cloud-scale solution with visibility and control over the entire application delivery path, including the origin, the edge, and the endpoint.”
As more applications move to the cloud, traditional appliance-based security technologies no longer protect these apps from all of the emerging threats.
According to Gartner, “By 2023, more than 30% of public-facing web applications will be protected by cloud web application and API protection (WAAP) services that combine DDoS protection, bot mitigation, API protection and web application firewalls (WAFs). This is an increase from fewer than 10% today.”
Instart’s cloud services for application security are already protecting the world’s largest brands from malicious threats to their web apps. Now, the Instart WAAP platform will bring together the company’s Web Security, Bot Management, and Tag Control products as well as its threat intelligence and expert security services to deliver a single, self-service solution with a unified management framework, powerful rules engine, and experienced team of experts.
With the combined solution, security threats can be detected and enforced at the origin, to the edge, and in the browser in order to fully protect a brand’s online property. The Instart WAAP platform includes:
- Instart Web Security, which prevents sophisticated cyber attacks like distributed denial of service, cross-site scripting, SQL injection, and more using its web application firewall, DDoS protection capabilities, and powerful security rules.
- Instart Bot Management, which detects and analyzes bot intent and blocks attacks from sophisticated malicious bots to prevent fraud and protect your brand.
- Instart Threat Intelligence, which combines multiple automated techniques, such as honeypots and third-party threat feeds to detect various cyberattacks and applies cross-customer learnings to automatically update rules.
- Instart Managed Security Services, which provides a team of proactive security experts to help customers with implementation, rule creation, and incident response.
“Our customers are consistently telling us that their traditional appliance-based approach to web app and API security is no longer sufficient as the attack vendors expand and they incorporate more cloud services into their customer-facing web apps,” said Mitch Parker, Chief Customer Officer at Instart.
“Instart WAAP is the only platform to combine an intelligent, globally distributed cloud service with a browser virtualization layer for complete visibility and protection against both known application threats as well as emerging threats, such as advanced automated Bots and attacks from 3rd party services integrated into a web experience.”