Garphic Airlock Secure Access Hub

Airlock Gateway 8.2

Airlock Anomaly Shield

With Gateway 8.2, Anomaly Shield can analyze the behavior of browser clients to distinguish bots from humans. This is done transparently for the user and thus avoids the negative effects of CAPTCHAs on user-friendliness. This feature is called Client Behavior Analysis and is offered as a new model.

The configuration of the Anomaly Shield has been optimized and simplified with several measures. For the initial configuration of the Anomaly Shield, a recommended default configuration with triggers and rules is now offered directly in the Configuration GUI. This default configuration corresponds to the recommendation from the documentation and no longer needs to be entered manually. 

During operation, all ML models should be retrained again and again to ensure that changes in the behavior of the attackers are detected by the models and to prevent more false positives from occurring over time. To minimize the operational effort for retraining, it is now possible to configure whether all models should be regularly retrained and also applied immediately. 

Policy Learning

In a productive environment, there are typically many blocks. Finding the false positives among the true positives among the many blocks is no easy task. For this reason, Policy Learning in Airlock Gateway 8.2 has been expanded to include the filters "Authenticated Sessions only", "Max. attack type per IP" and "Source Country" to make the admin's work easier. Blocks that are displayed after applying the new filters are very likely to be false positives.

OpenAPI Enhancements

Services with APIs are the future of web applications. Technologically state-of-the-art for some time now, APIs are even required by regulations, such as the EU-wide directive for the financial industry PSD2. Such public APIs have a particularly high protection requirement, as they allow direct access to sensitive business data.

OpenAPI support in Airlock Gateway 8.2 has been extended to include "application/x-www-form-urlencoded". Airlock Gateway now offers even more protection for back-ends and APIs, validates requests and blocks non-compliant requests.  Manually configured or learned security policies become obsolete, as updated specifications can be supplied automatically with service updates. This is a win-win for security and operations: precise allowlist rules for API access, automatically updated!

Post-Quantum Cryptography: PoC

Security is very important to Airlock. That's why we follow topics such as post-quantum cryptography with an eagle eye. In order to gain experience in customer environments, we have started a research program with selected customers. Customers and partners who are also interested are welcome to contact us to take part in this research program. 

HSM

Airlock Gateway supports the two largest NetHSM manufacturers, Entrust nShield and Thales Luna HSMs. Among other things, HSMs are useful for additional protection of private keys for HTTPS. The higher level of protection is achieved by the fact that the keys generated in the HSM cannot be read via software interfaces. Examples of why this additional security measure makes sense are vulnerabilities such as Heartbleed or Shellshock.

Thales Luna Network HSM 7 and Entrust nShield Connect are now supported.

Hardened filter rules thanks to Bug Bounties

The Airlock Airlock Bug Bounty Program is running successfully since 2020, and it has once again produced numerous security improvements.

Updating is easy

Airlock Gateway 8.2 is available on Airlock Techzone.

The update to this minor version does not require any manual adjustments: Your existing configuration can be activated without any problems. You can find a complete overview of all new features and corrections in the release notes.

Airlock Gateway 8.2 Release Video

In our release video you learn all the details about Airlock Gateway 8.2

Information for you

-Our whitepapers-

Study Application and API Security 2022

In a recent study in cooperation with CIO, CSO and COMPUTERWOCHE, Ergon Airlock looked at application and API security in the container environment.

Request study

Zero Trust is a journey

The digital transformation of the world continues to progress, and it is profoundly affecting private life and job profiles in a manner that was hard to imagine just a few years ago.

This whitepaper covers the effects of continuous digitization and its implications.

Request free of charge

Toward DevSecOps

In this whitepaper, you will learn the most important insights into how you can successfully and efficiently implement DevSecOps, which security components are required for this, and what benefits a microgateway architecture brings.

Request free of charge

Airlock 2FA - Strong Authentication. Easy.

The two-factor authentication in the area of IT security offers double the security.

Find out more about strong authentication and the possibilities that Airlock offers in our whitepaper.

Request free of charge

Further whitepapers

We provide whitepapers on these and other topics free of charge:

  • successful IAM projects
  • Compliance
  • Data protection (GDPR)
  • Introduction of PSD2
  • PCI DSS requirements
Request free of charge