DGS CyLABs: Web Application and API Protection (WAAP)

In our WAAP CyLAB DGS our experts experiment with new services and solutions to protect companies’ and users’ Web Applications and APIs from the most insidious cyber

Today, in order to solve nearly any task, we interact on a daily basis with two types of Apps: Web Apps (which we almost always use via browser) and API Apps that provide us with richer and more complex services by dialoguing in the background, without us noticing, with other Apps. App APIs can, in addition, be activated with IoT (Internet of Things) devices, be used via a traditional Web browser or through the more intuitive and modern mobile-apps. The problem is that it is precisely in this interaction between us and Apps that the most insidious risks are hidden today.

In this new scenario it is therefore necessary to have tools such as innovative WAAP (Web Application and API Protection) technologies to protect both Web Apps and App APIs, capable of defending both users and companies from threats, at the various stages of use and interaction with these services.

In particular, in our WAP CyLAB, DGS experts analyze the different phases of user-service interaction:

• on-Connect, checks the initial connection phase between user (via his device and client) and the service;
• on-Request, examines the requests the client makes to the service;
• on-Response, ensures that the expected response matches the request.

In all these steps of interaction, users are vulnerable to possible cyber attacks, but thanks to WAAP technology, live or runtime (in jargon), we can detect and block known and new attacks, protecting our clients’ web applications and APIs from threats and fraudulent activities.

To find out what other areas we operate in at our CyLABs, CLICK HERE