Cyber Security Cloud, Inc. (Headquarters: Shinagawa-ku, Tokyo; Representative Director, President and CEO: Toshihiro Koike; hereinafter referred to as "the Company"), a global security company, is pleased to announce that it has begun offering a cloud-based WAAP (Web Application and API Protection) service, the first of its kind among a domestic security company(※1).

◼︎Background to the development of cloud-based WAAP as a WAF manufacturer with the No. 1 domestic market share (※2)
As digital transformation progresses, Web APIs have become an essential foundation for efficiently combining and utilizing different systems and applications so that users can use services more simply and smoothly. While the importance of Web APIs is increasing, they are also being recognized by attackers as a means of unauthorized data access and are being frequently targeted, posing a serious risk to web security. Because Web APIs are an access point to data with high economic value, protecting them is an urgent issue for companies.

In January 2024, we released the open source software "sasanka" to protect Web APIs, and in the same month, we began offering the "API Vulnerability Diagnosis Service" to diagnose vulnerabilities in Web APIs. Now, as a security manufacturer with the No. 1 domestic market share for WAF (Web Application Firewall) (※ 2), we have extensive experience and a track record of protecting a total of more than 24,000 sites (※ 3). Based on this experience and track record, we aim to comprehensively protect our customers' web services from complex cyber attacks targeting APIs through a cloud-based WAAP service that integrates WAF functions as well as API security, bot countermeasures, and DDoS countermeasures.

Going forward, we will continue to accelerate the expansion of our services in the area of protecting web applications and web APIs, and work even harder to reduce the security risks faced by companies.

◼︎Features of our cloud-based WAAP service (Comment from Development Leader Yuki Yamamoto)

As web services expand and diversify, cyber attacks are becoming more complex. In recent years, there has been an increase in sophisticated attacks that exploit vulnerabilities in business logic. To combat these threats, it is essential to have defenses at the business logic level that take into account the characteristics of web services.
Our cloud-based WAAP offers high flexibility, allowing you to customize settings to suit the characteristics of your web services.It also offers the simplicity to easily use advanced defense functions that exceed those of conventional WAFs, even without customization.
In addition, our cloud-based WAAP incorporates the DevSecOps approach, promoting improved security awareness from the developer's perspective. By considering security from the early stages of development, it contributes to strengthening total security.

◼︎What is WAAP?
WAAP is an abbreviation for Web Application and API Protection, and is a security service concept proposed by Gartner as the next generation of Cloud-based WAF (Web Application Firewall). This concept is designed to solve the security challenges faced by modern web services, and combines three elements: API protection, bot management, and DDoS protection, in addition to the functions of traditional WAF.

(※1) According to a survey Cyber Security Cloud, Inc. (as of May 20, 2024)
(※2) Source: Deloitte Tohmatsu MIC Research Institute, "Current status and future outlook for the external threat countermeasure solutions market in 2023"
(※3) Total number of websites using Shadankun (as of May 1, 2024)

【本件に関するお問い合わせ】
株式会社サイバーセキュリティクラウド　経営企画部  広報担当：竹谷・川﨑
TEL：03-6416-9996　Mobile：080-4583-2871（川﨑）
FAX：03-6416-9997　E-Mail：pr@cscloud.co.jp