Airlock Microgateway is a Kubernetes-native WAAP (Web Application and API Protection, formerly known as WAF) solution designed to secure microservices and web applications with robust, production-ready security features.
In modern DevSecOps pipelines, security and therefore a WAAP solution must be agile, scalable, and seamlessly integrated into the CI/CD lifecycle. Airlock Microgateway is the perfect fit for these requirements, as it is optimized for Kubernetes environments.
Benefits:
- Comprehensive WAAP: Robust security through continuously improved deny rules to provide protection for OWASP Top 10 attacks, API schema enforcement for OpenAPI and GraphQL, and insightful dashboards.
- Identity Aware Proxy: Enforces secure, modern authentication mechanisms with fine-grained access control for web applications and APIs.
- Seamless Platform Integration: Integrates effortlessly with Kubernetes-native tools and service meshes like kubectl, ArgoCD, FluxCD, Helm, Cilium, and Istio.
- Frictionless DevSecOps Process: Streamlines technical and business process integration, enabling secure and agile development through Shift-Left and GitOps based controls.
- Enables Hybrid Cloud Strategy: Supports platform engineering across hybrid and multi-cloud environments, easing governance and aligning with Kubernetes-based infrastructure best practices.
- Interoperability by Design: Built on open standards like Kuberentes Gateway API, OIDC, JWT and proven technologies such as Elastic Common Schema, Prometheus, Grafana, Red Hat OpenShift, Rancher to ensures flexibility, avoid vendor lock-in, and supports migration across platforms.
For a list of all features, view the comparison of the community and premium edition.
This repository includes hands-on examples to help you deploy and use Airlock Microgateway in real-world scenarios:
general/: Prepare the environment with required licensing, and tooling used by all examples.web-protect/: Secure your web application against threats.oidc/: Integrate upfront authentication and access control using OIDC.
- Start with the General Setup to install the Microgateway and supporting components.
- Continue with the example of your choice:
Source code for the examples is provided under the MIT License. Commercial use requires compliance with licensing terms for Airlock Microgateway.
Airlock Microgateway is available as community and premium editions. See Community vs. Premium editions in detail to choose the right license type. Anyway, this example setup can be deployed with both editions of Airlock Microgateway.