Table of Contents
- Summary
- Market Categories and Deployment Types
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About GigaOm
- Copyright
1. Summary
Application development and deployment architecture have been changing to accommodate new platforms, processes, and application needs. Increasingly, applications are collections of application programming interfaces (APIs), both public and private, connected in the core “application” with the user interface.
This combination creates an application that’s more difficult to protect than those traditionally protected by web application firewalls (WAF). Modern applications require all the functionality of WAF plus all of the protection offered by API security and API management products. These types of protection, when merged, make up a comprehensive application and API protection (AAP) solution category.
Application architectures have also changed—applications can be spread across multiple clouds, running in Kubernetes, hosted in the datacenter, or co-hosted with a vendor. AAP products must protect all important portions of the overall application and protect them wherever they are deployed.
For an analysis of the key features and functionality to consider when looking at AAP products, see our Key Criteria report for Evaluating Application and API Security Solutions.
As the application architecture has become more complex, the sophistication and volume of attacks have increased independently. This causes a litany of issues for IT staff. The volume of attack data, number of attack vectors, and dispersion of attack activity all make protecting applications harder. AAP products need to either outright block known and identifiable attacks or offer advanced filtering of data that’s escalated to IT staff to keep the volume of alerts at a manageable level.
There are many attack vectors, some of them requiring unique protection capabilities. The AAP space requires that application layer distributed denial of service (DDoS) be protected against, while well-known attacks are detected and/or blocked at the same time—though these two types of protection generally utilize different detection and remediation techniques.
Integration with security information and event management (SEIM) solutions allows this critical piece of application security to be included in post-mortem and even secondary detection generated and managed on the SEIM.
How to Read this Report
This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.