ENSURE CONFIDENCE AND SPEED IN THE FACE OF EMERGING THREATS
Dual Web Application and API Protection (WAAP)
Test rule updates in production without risk or performance impact with Dual WAAP.
Learn About Edgio’s Security Solutions
Why Edgio Security
Control, Secure, And Monitor Your Application
Modern edge security combined with Edgio’s unique dual WAAP configuration, provides true defense-in-depth against a wide range of threats targeting web applications and APIs. Edgio is proud to provide holistic Web Application and API Protection, delivered from the edge in one single console, simplifying security for all of our customers
Dual WAAP/WAF
Our unique Dual WAAP/WAF allows for faster threat containment with lower effort by your teams.
Managed Security Services
Our team brings proven expertise for comprehensive security and peace of mind. Click here to learn more
Advanced Bot Protection
Our advanced bot management platform offers unparalleled defense against evolving bot threats. Click to learn more.
DNS / DNSSEC
Safeguarding your domain from cyber threats by adding a layer of cryptographic security to DNS lookup processes.
DDoS Protection
Harness AI-driven DDoS protection to proactively identify and neutralize emerging cyber threats at the edge. Click here to learn more.
Origin Shield
Enhances content delivery speeds, providing a seamless user experience even during high traffic spikes.
How We Help?
Boosts Security Without Sacrificing Performance
As DevSecOps teams strive to deliver new application features faster, they also face many challenges. Too often, the challenges are around security. With increasing vulnerability backlogs and new CVE’s being discovered at a faster higher rate each year (~5.5% increase YoY in 2023), many teams struggle to balance feature time to market with security risk.
To address this challenge, Edgio developed its unique Dual Web Application and API Protection (WAAP) capability, which allows teams to test security rules, in production, without the risk of impacting legitimate request traffic. This ability to test rules in a risk-free manner gives teams peace of mind, knowing they are deploying rules faster and more accurately than ever before.
Highest Reported DDoS Attack
398 M
Million Requests Per Seconds (RPS)
809 M
Million Packets Per Second (Mpps)
3.45 T
Terabits Per Second (Tbps)
Can be lost from a DDoS attack in just one hour
How Dual WAAP works
Edgio Dual WAAP is essentially a separate “audit” WAAP, deployed inline and in front of a production WAAP (a WAAP in blocking mode), analyzing rule behavior against all application traffic without taking any mitigating actions.
After deploying a rule in Dual WAAP mode, DevSecOps teams can analyze the impact it would have against production traffic, without actually impacting that traffic. Teams can easily visualize the potential impact of a rule in Edgio’s Security Dashboard, or in their existing SIEM solutions. Once they are satisfied that a rule is working as intended, they can easily promote it to production (in under 60 seconds), shutting the door on any malicious attackers seeking to exploit the underlying vulnerability.
However, performance cannot be overlooked when it comes to web security. To address this ever-present concern, Edgio built its WAAP decision engine to meet the highest performance standards expected by our customers. We did this via our homegrown waflz engine, specifically designed to scale in a high-performance multi-tenant environment, with highly tuned rules combined in an efficient order of operations, reducing decision processing time down to milliseconds.
Additionally, Edgio’s entire security stack, including WAAP, is deployed across every one of our 300+ global edge locations, so no extra request routing needs to occur when evaluating request legitimacy.
The Benefits of Dual WAAP
The greatest benefit of Dual WAAP is faster threat containment with lower effort. With critical zero-day vulnerabilities affecting web applications components (both proprietary and open-source) discovered more frequently, companies rely heavily on their WAAP solutions for their virtual patching capabilities. Virtual patching gives development teams time to fix underlying vulnerabilities (update code, update libraries, etc.) on a more controlled timeline – as opposed to all-hands on deck fire drills – lessoning the impact on feature release schedules and product roadmaps.
With Dual WAAP, AppSec teams gain the information they need to make decisions, sooner and with greater accuracy. In turn, they can shorten their entire OODA feedback loop.
Edgio Dual WAAP functionality allows customers to not only test rules typically associated with traditional WAF-type custom rules (custom signatures, regex, etc.) but also custom rules specifically tailored to protect API’s or mitigate malicious bots.
The Dual WAAP capability is a differentiator for our customers that, when combined with Edgio’s unique WAAP Rules, provides true defense-in-depth against a wide range of threats targeting web applications and APIs. Edgio is proud to provide holistic Web Application and API Protection, delivered from the edge in one single console, simplifying security for all of our customers.
- Increased developer velocity
- Higher confidence in deployments
- Reduction in vulnerability backlogs
- Faster response to zero days