DEVOPSdigest

Traefik Labs announced significant product updates that address the escalating adoption of Kubernetes and the crucial role of API management in modern digital infrastructure.

The updates include a Kubernetes-native API gateway, integration of a Web Application Firewall (WAF), and advanced API management capabilities that improve governance and security.

"These updates help users navigate the complexities of modern cloud-native digital architectures by bridging Kubernetes and existing infrastructure, plus delivering cutting-edge security,” said Sudeep Goswami, CEO of Traefik Labs. “We’re building on current needs and anticipating the future challenges that users will face and arming them to overcome those hurdles."

Traefik Labs introduced Traefik Hub API Gateway, engineered to provide a native Kubernetes experience, while providing ease of use that is a hallmark of Traefik products, along with streamlined integration with existing infrastructure, and a simplified transition for those scaling from Traefik Proxy open source (3.2 billion downloads) to a fully-featured, production-grade API gateway product.

This new offering complements Traefik Enterprise API Gateway, which addresses a broad spectrum of use cases and continues to deliver unparalleled flexibility and compatibility across multiple orchestrators that include HashiCorp Nomad, Azure Service Fabric, Docker Swarm, and Kubernetes.

“Having two separate product offerings ensures that we continue to support and evolve with the diverse needs of our customers, while highlighting our commitment to innovation and our dedication to enhancing Kubernetes ecosystems,” said Goswami.

Recognizing the complementary strengths of API gateways and WAFs, Traefik Labs has taken a step towards fortifying API security with an innovative integration. The company has introduced the capability to incorporate a WAF directly at the API Gateway layer. This approach enhances runtime protection and establishes a comprehensive security posture that is resilient against a wide array of cyber threats. Available to users of Traefik Proxy v3 open source, this innovation integrates two OWASP projects: Coraza WAF and the Core Rule Set.

This initial release lays the foundation for future enhancements and signifies Traefik Labs' commitment to aligning with the evolving PCI DSS v4.0 standards. With WAF transitioning from a best-practice to a PCI DSS compliance requirement by March 2025, Traefik Labs is not only ahead of the curve but is also setting a new standard in API security, ensuring that organizations are well-equipped to face the cyber challenges of today and tomorrow. By scrutinizing incoming traffic to block malicious requests before they can exploit any vulnerabilities, WAFs have been instrumental in safeguarding web applications and APIs, particularly excelling in thwarting older, yet persistently dangerous attack methods such as injection and security misconfigurations.

Traefik Labs introduced advanced API management capabilities that enhance API governance and security through precise access control mechanisms to guard against continual threats of data breaches and the potential for extended downtimes due to API misuse. With this update, users gain the ability to meticulously define access through methods, paths, and regex expressions for HTTP-based web applications. This level of fine-grained control is critical as digital ecosystems grow more interconnected, and the need to mitigate risks associated with data breaches becomes increasingly vital.