Web Application Security using IAM, WAF and others

Reliable Web Application Security, including hybrid environments

Web applications are points of access to company data and applications. Customers and employees can access information quickly and easily at any time from anywhere. Cybercriminals also use these gateways. Around 60% of all successful cyberattacks are the result of insufficiently protected web applications.

Strengthen your web application security with IAM

Use our Web Application Security to safeguard your company data against unauthorised access via web applications and ensure your IT is sufficiently protected when you open up the web environment to external ecosystems and cross-system digitisation projects. A central Web Application Firewall (WAF) and strong Identity and Access Management (IAM) effectively protect the web applications and mobile solutions in your ecosystem from attacks and unauthorised access. This helps to increase the web application security of your IT systems.

Are you looking for an experienced WAF security provider?

Our service is based on solutions from leading providers of web application and API protection (WAAP) and IAM solutions. It protects your applications, API interfaces and data from identity theft and other attacks from the Internet. While Web Application Firewall (WAF) and IAM authenticate and authorise every access, an API gateway is available for the secure connection of peripheral systems. It goes without saying that multi-factor authentication (MFA) with geofencing and based on FIDO2 specifications is integrated in the IAM.


Identity federation is used if reconciliation is required across system boundaries to enable the anonymisation of individual information. This also enables a secure reconciliation of identity and authentication information between different organisations’ IT infrastructures.


In addition to meeting the most demanding compliance requirements, the solution is highly scalable, permitting short time-to-market cycles. The simple, intuitive processes also add significant value for your users. The high usability of our central security infrastructure ensures positive customer experiences, inspires trust and creates positive associations with your brand, bringing you closer to your customers.

Your benefits

Requirements-based performance models (SaaS, dedicated servers)

Data storage and operation exclusively in Switzerland (ISO 27001)

Many years of expertise with a broad range of services and scalability

When is it the right solution?

Are you looking for a centrally controllable, highly available and secure solution to protect your ecosystem, including web applications and mobile solutions? Do you want your WAF security provider to offer a wide range of additional, modular cyber defence solutions, such as Threat Detection & Response (TDR) or Secure Operations Center (SOC)?

Web Application Security from Swisscom gives you a cost-efficient, standardised solution that can be individually adapted to your requirements. Different models are available for operation.

What’s in it for you:

  • State-of-the-art solution for Web application security
  • WAF, customer IAM, API interfaces and MFA
  • Operation in the cloud, on VM or in container environment

Swiss mobile telecommunications partnership

Why Swisscom?

  • Market leader: Switzerland’s largest competence centre for Ergon Informatik’s Airlock
  • Field-tested: many years of expertise in industries with the highest security requirements
  • Needs-based: comprehensive, flexible services with varying scope

Get started with Web Application Security

The first step

Let us introduce you to the world of Web Application Security and support and guide you with our expertise.


Web Application Security factsheet

  • “Swisscom is a highly experienced Airlock partner.”

    Roman Hugelshofer, Ergon Informatik AG
    Managing Director Application Security

    Portrait Stefan Tschumi

Web Application Security

Managed Security Services

Firewall, WAF and IAM

  • WAF and IAM solution in addition to network firewall
  • Modular design with encapsulated functions and add-ons, such as single sign-on (SSO), geofencing and multi-factor authentication (MFA)
  • ISO 27001-certified, Switzerland-based data centres with data storage also in Switzerland
  • Maximum operational stability and automation from container technologies
Maximum scalability thanks to managed service solution (SaaS) for WAF and IAM.

Dedicated environment

Highly secure and powerful


Comprehensive security consulting

Multi-factor authentication (MFA)

Maximum authentication security

Additional information

Core Banking Radar Image

Connectivity and open banking

Intelligent core banking systems are open to external innovations and increasingly rely on digital ecosystems.


Advanced Persistent Threats (APT)

Fraud prevention in banking

Our platinum partnership

Ergon Informatik AG

Intelligent core banking systems are open to innovations from the outside and increasingly rely on digital ecosystems.

Secure corporate payment transactions

Drawing on many years of industry experience and in-depth expertise, we are an Airlock Platinum integration partner.

Swisscom partners

Do you have any questions regarding Web Application Security? Get in touch.