On our website, we would like to use the services of third-party providers who help us improve our promotional offerings (marketing), evaluate the use of our website (performance) and adapt the website to your preferences (functionality). We need your consent for the use of these services; you can always revoke this consent. You can find information about the services and the chance to reject them under “User-defined.” You can find additional information in our Data Protection Policy.

Use #itsa20

6 - 8 October 2020 // Nuremberg

Posting print layout

What information should be shown in the print layout?

Create print layout
Exhibitors & Products it-sa 2020
Zoom product LOGO_AIRLOCK API — Protects interfaces. Tailor-made.

AIRLOCK API — Protects interfaces. Tailor-made.

LOGO_AIRLOCK API — Protects interfaces. Tailor-made.

AIRLOCK API — Protects interfaces. Tailor-made.

Request information Request information

Contact us

Please enter your personal information and desired appointment. You can also leave us a message.

Your personal information

Your message for us

Desired appointment during the exhibition

* Compulsory fields you must fill in.

Information on data protection can be found here.

Your message has been sent.

You do not have a registration yet? Register now and use all advantages of the Exhibitors and Products Database, the supporting programme and the TicketShop.

An error has occurred.

Application Programming Interfaces (APIs) are the pillars of modern applications and digital services. These interfaces expose sensitive data beyond the company’s boundaries to the Internet, from where customers and partners can access it. APIs therefore require special protection and must not only be protected against well-known web attacks (OWASP Top 10) but also against API-specific attacks. Simple and secure access control is an essential component and, together with appropriate monitoring and reporting, forms the foundation for the implementation of digital strategies.

Web security for APIs

Modern applications and services are based on APIs that are integrated into different clients. Clients can be mobile apps, APIs, modern Single-Page Applications (SPAs) or legacy web applications. Due to this variety of application cases, API Security must not be viewed in isolation from classical application security. Therefore, the Airlock API Security Gateway is based on Airlock WAF and comes with a solid filter arsenal for web security.

Advanced API protection

Airlock API offers a range of protective mechanisms that are tailor-made for APIs. JSON Schema and OpenAPI specifications for APIs can be uploaded and enforced via the gateway. Only API calls that meet these specifications will be forwarded to the internal APIs. Innovative functions such as dynamic value endorsement (DyVE) also enable dynamic whitelisting of permitted variables within an API interaction.

API access control

One of the main reasons for using API gateways is to ensure access control to APIs. Airlock API validates access tokens and permits role-based access authorization for API end points. Airlock API works in conjunction with Airlock IAM to support OAuth 2.0, OpenID Connect 1.0 and SAML 2.0 in protecting access to APIs.

High availability

Airlock API is a reverse proxy with failover and load balancing functions, efficiently ensuring high availability of connected services. When modifications are made to the application infrastructure (e.g. starting/ stopping of additional instances), Airlock API automatically takes over and enables high scalability. TLS is also terminated in advance, relieving the burden on APIs and enabling simple scaling.

API monitoring, statistics and reporting

Built-in dynamic reporting provides an overview of all API access attempts at all times. Access logs for API calls can be forwarded to peripheral systems and, therefore, be used as a basis for monetization of accesses. Interactive dashboards ensure an overview of both attempted attacks and specification violations, highlighting performance problems and displaying back-end faults.


Thanks to its comprehensive REST API, Airlock API is easy to integrate into DevOps pipelines. The outcomes of service events in a microservice architecture environment can be tracked automatically via the API gateway. For example, a service update can automatically deploy the new OpenAPI specification to the API gateway.

AIRLOCK API — Protects interfaces. Tailor-made. is assigned to following product groups:

You decided to attend the it-sa? Get your tickets at the TicketShop


The selected entry has been placed in your favourites!

If you register you can save your favourites permanently and access all entries even when underway – via laptop or tablet.

You can register an account here to save your settings in the Exhibitors and Products Database and as well as in the Supporting Programme.The registration is not for the TicketShop and ExhibitorShop.

Register now

Your advantages at a glance:

  • Advantage Save your favourites permanently. Use the instant access – mobile too, anytime and anywhere – incl. memo function.
  • Advantage The optional newsletter gives you regular up-to-date information about new exhibitors and products – matched to your interests.
  • Advantage Call up your favourites mobile too! Simply log in and access them at anytime.