  • Published 3 years ago by open-appsec

Web App & API Security 4 - WAF Types: Public Cloud WAF, SaaS WAF, RASP, Proxy/API/Ingress Add-On

In this series of videos we will talk about Web App & API Protection history, technology, requirements, challenges and solutions. We will make it short and informed. Please subscribe.

Part 4 (WAF Methods: Public Cloud Native WAF, SaaS WAF, RASP, Proxy/Ingress/API WAF Add-On):

Here are some considerations to keep in mind when choosing a Web Application & API security solution for your cloud:

You may be using one cloud vendor today and another one next year. Maybe you also have your own data center. Implementing signature-based security using the native controls of one cloud vendor may seem easy, but can become costly when you wish to change or expand.

WAF-as-a-service is easy to set up, but it adds extra latency and requires you to give up the keys to the kingdom: your DNS and private encryption keys. It also provides no security internally between your workloads.

RASP (Run-Time Application Self-Protection) provides an excellent level of security and low false positive rates. Yet it is complicated to implement, as you need to deploy it on each application server.

If you have a Reverse Proxy, API Gateway or Kubernetes Ingress, running security as an add-on can be effective, simple and scalable. It’s also the only option available as open-source.

To be effective, Web App & API protection must be simple, in your control and universal, so you can easily run it anywhere.

- open-appsec