Deployment Overview

The AppSentinels API Security Platform is available as a SaaS solution or an On-Prem Hosted Application Security platform, designed for high availability, low latency, and ultra-high scalability, ensuring robust API protection across diverse environments.

For organizations in highly regulated industries, AppSentinels offers a fully on-premises deployment where all AI/ML security models are hosted internally. This ensures that data remains within organizational boundaries, maintaining strict compliance with data privacy regulations.

AppSentinels Platform 3-Tier Architecture

Built on a scalable three-tier architecture, AppSentinels Platform ensures optimal performance from small-scale setups to the world’s largest and most complex systems.

This architecture comprises:

AppSentinels Sensor/Plugin

Sensor/Plugins forward API logs to Edge Controllers for inspection and policy enforcement. The AppSentinels Sensor/Plugin can be deployed in Inline Mode or Out-of-Band (OOB) Mode:

• Inline Mode: API traffic is inspected before reaching the application, allowing malicious requests to be blocked preemptively.
• Out-of-Band (OOB) Mode: Traffic is mirrored for analysis without impacting application latency. Mitigation actions are enforced through external policy enforcement points such as WAFs and Firewalls.

AppSentinels Controller

The Controller processes API traffic from Sensors and Plugins to discover APIs, detect API attacks, enforce policies, and identify sensitive information.

It forwards data to the AppSentinels Platform Server for AI/ML analysis, ensuring PII (Personally Identifiable Information) is anonymized before transmission.

The Controller is available in multiple form factors, including Bare Metal, Virtual Machines, Docker Images, and Kubernetes.

AppSentinels Platform Server

The AppSentinels Server leverages AI/ML models to analyze API data, learn from patterns, and create baseline policies for detecting API-based attacks.

It also serves as a web console for policy configuration, user management, and event management.

The platform supports on-premises deployment in both Docker and Kubernetes environments.

AppSentinels DAST Client

Additionally, the platform offers an add-on component for Dynamic Application Security Testing (DAST), enhancing security testing capabilities.

The DAST Client performs automated AI/ML-driven security testing tailored to customer applications.

The DAST Client can be deployed as a Docker container or a Kubernetes instance.