Based on a powerful back-end HTML content rewriting engine Airlock Gateway provides advanced URL encryption and dynamic form protection functions. When enabled, dynamically encrypted URLs (in combination with cryptographically protected HTML forms) prevent anyone from sending illegal requests or malicious user data to the application server.
Example what an encrypted URL may look like in a browser:
- These security functions can completely protect an application against forceful browsing attacks:
- Users and attackers cannot retrieve information about the back-end applications because the URLs are encrypted.
- No request manipulation or sending of invalid user input fields is possible anymore.
Dynamic allowlisting with URL encryption is a positive security model. There is no need for iterative re-learning!
- At a glance:
- The web application defines the allowed requests.
- URL encryption is transparent and requires no changes to the application.
- Only allowed URLs are forwarded to the application server. Everything else is blocked.
- Airlock enforces secure application usage with dynamic allowlisting in real-time.
- Only a positive security model can prevent unknown attacks and zero-day exploits. No learning phase is necessary for the Airlock Gateway URL encryption and Smart Form protection engine to instantly protect a Web application.