Web applications and API’s are the backbone of every Internet connected device we use today. Specifically, a web application is any program that interfaces with a customer through a web browser.
An application Programming Interface (API) is a tool that allows two or more applications to communicate and exchange data. Continent 8 have reimagined the way that Web App and API security is approached by building a fully featured cloud Web App and API Protection (WAAP) platform directly in-line with customer data flow.
This enables us to bring all the features and functions usually only found in costly localised set-ups to the cloud. Other cloud WAAP deployments have Content Distribution (CDN) in their DNA, but C8 leverages security veteran Fortinet’s 20+ year expertise to transform the way cloud WAAP is delivered. WAAP is achieved using a combination of Web Application Firewall (WAF), Robot (BOT) and API protection mechanisms.
Protection from the OWASP (world standard in web security risks) Top 10 is one of the fundamental features of any WAAP and is what is required to comply with payment security (PCI-DSS) requirements.
The OWASP Foundation has tens of thousands of members worldwide working to improve application security. The OWASP Top 10 represents a broad consensus of the ten most important security considerations for web applications. There are more security risks than just the Top 10 and Continent 8 WAAP protects over and beyond this including the API Top 10.
By considering the Top 10 when developing code, developers are actively protecting businesses from application attacks and the resulting revenue or data loss caused by downtime or a compromised system which can severely damage any business.
According to Verizon’s 2019 ‘Data Breach Investigations Report’, Web Applications are now the number one target for attacks, but in their document ‘API Security: What You Need to Do to Protect Your APIs’ Gartner believes that API targeted attacks will knock Web App attacks off the top spot by 2022. There has never been a more apt time to deploy Web Application & API Protection mechanisms – Such as Continent 8 Cloud WAF.