The modern application landscape has become fragmented. While applications are more likely than ever to be built on microservices and hosted on public cloud platforms, many legacy applications continue to reside in the data center. At the same time, the threat landscape continues to evolve to utilize multiple avenues of attack, including APIs, automated bots, and availability-based attacks. Traditional, on-premises-based, and siloed tools were not designed for the dynamic, distributed application environment most enterprises support today.
As a result, cloud-delivered web application and API protection platforms, also called WAAP, have emerged. These solutions converge web application firewall, distributed denial of service, bot management, and API protection into a single, cloud-delivered solution. While these tools certainly promise better efficiency, effectiveness cannot be sacrificed in the process. Organizations investigating WAAP should consider solutions providing not only effective security, but also scalable architectures; centralized, intuitive management to promote ease of use; and coverage across all application types and locations. The Citrix Web Application and API Protection service (CWAAP), powered by machine learning, provides this type of cloud-delivered, comprehensive application security, and coupled with Citrix ADC-based application and API security solutions for on-premises and cloud deployments, provides organizations a variety of options for securing applications across their environments.