Web Application Security with IAM, WAAP and MFA

Protect web applications and APIs with Web Application Security

Web applications and APIs are points of access to company data and applications.

Customers and employees can access information quickly and easily at any time from anywhere. Cybercriminals also use these gateways. Around 60% of all successful cyberattacks are the result of insufficiently protected web applications.

Strengthen your web application security with WAAP

Use our Web Application Security to protect your company data from unauthorised access via web applications and keep your IT infrastructure secure when opening up the web environment to external ecosystems and cross-system digitisation projects. Central Web Application and API Protection (WAF) and strong Identity and Access Management (IAM) effectively protect web applications from attack and unauthorised access. We offer protection from known OWASP risks and use anomaly detection and QoS to improve the security and availability of your web-based IT services.

Are you looking for an experienced WAAP security provider?

Our service is based on solutions from leading providers of web application firewall (WAF) and IAM solutions. It protects your users, applications and data from identity theft and other online attacks. While the web application firewall (WAF) and IAM verify and allow authorised access attempts, the additional modules detect and block bot attacks, unauthorised API access attempts and other anomalies.

Identity federation is used if reconciliation is required across system boundaries to enable the anonymisation of individual information. This also enables a secure reconciliation of identity and authentication information between different organisations’ IT infrastructures.

In addition to meeting the most demanding compliance requirements, the solution is highly scalable, permitting short time-to-market cycles. The simple, intuitive processes also add significant value for your users. The high usability of our central security infrastructure ensures positive customer experiences, inspires trust and creates positive associations with your brand, bringing you closer to your customers.
Lora Alliance Logo

Swiss mobile telecommunications partnership

Mobile ID

When is it the right solution?

Are you looking for a centrally controllable, highly available and secure solution to protect your ecosystem, including web applications and mobile solutions? Do you want your web application and API protection (WAAP) provider to offer a wide range of additional, modular cyberdefence solutions, such as Threat Detection & Response (TDR) or Secure Operations Center (SOC)?

Web Application Security from Swisscom gives you a cost-efficient, standardised solution that can be individually adapted to your requirements. Different models are available for operation.

Your benefits

  • Requirements-based performance models (SaaS, dedicated servers)
  • Data storage and operation exclusively in Switzerland (ISO 27001)
  • Many years of expertise with a broad range of services and scalability

Get started with Web Application Security

Web Application Security

Managed Security Service

Firewall, WAAP and IAM
  • Web application firewall (WAF) and API protection plus a flexible IAM solution
  • Advanced protection against OWASP’s Top 10 security risks based on real-time threat data
  • Modular structure with encapsulated functions and add-ons such as single-sign-on (SSO) and geofencing
  • ISO 27001-certified, Switzerland-based data centres with data storage also in Switzerland

Dedicated environment

Highly secure and powerful
  • Extensive customisation options due to the WAAP and IAM solution’s close alignment to customer needs
  • Operation of Ergon Airlock and Nevis on classic virtual machines or using container technology
  • ISO 27001-certified, Switzerland-based data centres with data storage also in Switzerland
  • Operation of state-of-the-art WAAP and IAM solutions from leading Swiss manufacturers

Advisory

Expert advice on web application protection, APIs and access control
  • Personal security expert as your dedicated contact
  • Setup or optimisation of WAAP/cIAM solutions based on Airlock
  • Periodic or situational support to secure your web applications
  • Joint design of your web architecture
  • Review of existing solutions based on the Azure web application firewall (WAF) and Azure firewall
  • Wide range of services and end-to-end support if required

Multi-factor authentication (MFA)

Maximum authentication security
  • A simple addition to existing login options, such as user name and password
  • Different app-based login procedures and support with the distribution of hardware tokens
  • Dynamic methods to protect against phishing and fatigue attacks
  • Precise geofencing as an option for enforcing advanced policies and preventing bypassing via VPN

Why Swisscom?

Market leader

Switzerland’s largest competence centre for Ergon Informatik’s Airlock

Field-tested

Many years of expertise in industries with the highest security requirements

Needs-based

Comprehensive, flexible services with varying scope

What our customers say

‘Swisscom is an extremely experienced Airlock partner.’

Roman Hugelshofer, Managing Director Application Security, Ergon Informatik AG

Additional information

Our platinum partnership

Ergon Informatik AG

Intelligent core banking systems are open to innovations from the outside and increasingly rely on digital ecosystems.

Go to Ergon website

Secure corporate payment transactions

Drawing on many years of industry experience and in-depth expertise, we are an Airlock Platinum integration partner.

Go to Airlock website

Swisscom partners

Find out more

Our experts will be happy to answer your questions. Contact us.