Airlock Microgateway on Servala: Kubernetes-native Web Application and API Protection, secure by default
Modern application security lives inside your development workflow and runs natively in your Kubernetes clusters. Airlock Microgateway delivers exactly that: a powerful Web Application and API Protection that filters malicious requests, enforces authentication, and protects web applications and APIs without friction in your development lifecycle.
Many enterprises across healthcare, finance, and industry trust Airlock Microgateway. Now available as a fully managed service on Servala, Airlock Microgateway gives you everything you need to secure your web applications and APIs.
What is Airlock Microgateway?
Airlock Microgateway is a modern Web Application and API Protection (WAAP) solution - formerly known as Web Application Firewall (WAF) - and an identity-aware proxy. Out of the box, it provides:
Secure single sign-on (SSO) experience for users, based on open standards.
Filtering incoming requests to protect against OWASP Top 10 attacks.
Ingress in Kubernetes with Kubernetes Gateway API support - the successor of the frozen Kubernetes Ingress project.
Frictionless integration into enterprise environments and Dev(Sec)Ops processes, with native support for GitOps tools and standard deployment workflows.
It’s enterprise-grade, secure by default, developer-friendly, flexible, and highly extensible. Rely on proven security and focus on your core business.
Who is Airlock Microgateway for?
Airlock Microgateway is used by teams and organizations that need strong security for their web applications and APIs, including:
Enterprises securing public-facing or internal applications in Kubernetes, virtual machine (VM), or bare-metal environments
SaaS platforms that need a fine-grained and secure upfront authentication with the capability to translate external to internal identities
Finance and healthcare companies relying on a secure solution to protect their assets
DevOps and platform teams looking for a frictionless WAAP solution
Software vendors and manufacturers embedding security directly into their products
If your web application or APIs need to filter malicious requests or enforce strong authentication - Airlock Microgateway has you covered.
Why choose Airlock Microgateway?
Airlock Microgateway stands out for its combination of security, flexibility, and support of standards:
Identity-aware proxy: reduces complexity and increases security in web applications and APIs using standards like OpenID Connect, JWT, OAuth 2.0 Token Exchange, or client certificate
Comprehensive WAAP: deny rules for OWASP Top 10 attacks, OpenAPI specification enforcement, GraphQL schema validation, and more
Kubernetes-native: with Kubernetes Gateway API support, and its own Operator and Custom Resource Definitions for frictionless DevOps processes
Observability out of the box: with ECS (Elastic Common Schema) formatted logs, Prometheus metrics, and ready-to-use Grafana dashboards to make operations straightforward
OpenShift certified: officially certified for Red Hat OpenShift to simplify installation and get full Red Hat support
Continuously hardened: improved effectiveness through the private Bug Bounty Switzerland program
Why use Airlock Microgateway through Servala?
Integrating and maintaining security components can be time-consuming. Servala simplifies this by deploying and maintaining Airlock Microgateway as a reliable, ready-to-use managed service.
What you get with Airlock Microgateway on Servala
No infrastructure to manage: we provision, operate, and update Airlock Microgateway across your environment - so you can focus on your security policies, not your Airlock Microgateway deployment
Secure by design and sovereign data infrastructure: compliance-ready setups with built-in TLS, secured networking, logging, and monitoring stack. Your data stays in trusted, sovereign infrastructure
Integrate anywhere: use Airlock Microgateway’s standards-based support for OpenID Connect, JWT, OAuth 2.0 Token Exchange, and client certificates to integrate with your applications and tools
Customizable and branded: easily adapt authentication flows and error pages to match your brand and user experience
Built for DevOps and platform teams: stick to your GitOps process and store your security policies as code. These are configured as Kubernetes custom resources, enabling configuration validation and enforcement of settings
When should you use Airlock Microgateway on Servala?
This service is ideal if you:
Need strong, secure upfront authentication for modern and legacy applications
Must protect your web applications and APIs against OWASP Top 10 attacks
Are running your workload in different clouds or data centers but want one single technology
Desire to remove friction from your Dev(Sec)Ops process with your WAAP/WAF solution
Operate in regulated industries or sovereign cloud environments
Prefer a security solution with support for standards
Try Airlock Microgateway on Servala
Airlock Microgateway brings enterprise-grade security to your web applications and APIs. Servala makes it effortless to use.
It’s part of a growing ecosystem of open cloud-native services on Servala - including databases, developer tools, and infrastructure building blocks - all available as managed services, with freedom of choice and full transparency.
🔍 Explore Airlock Microgateway on Servala
🎥 Watch the “Intro to Servala” webinar
📬 Contact us at hi@servala.com to learn more
Web application and API security is complex. Servala makes it simple.
