Securing gRPC Bidirectional Streaming APIs with F5 NGINX App Protect WAF

NGINX App Protect WAF supports gRPC bidirectional streaming in addition to unary message types, enabling you to secure gRPC-based APIs that use message streams (client, server, or both). This provides complete security for gRPC APIs regardless of the communication type.

NGINX App Protect WAF secures gRPC APIs by enforcing your schema, setting size limits, blocking unknown files, and preventing resource-exhaustion types of DoS attacks. You can import your Interface Definition Language (IDL) file to NGINX App Protect WAF so that it can enforce the structure and schema of your gRPC messages and scan for attacks in the right places. This enables accurate detection of attempts to exploit your application through gRPC and avoids false positives that can occur when scanning for security in the wrong places without context. Learn how NGINX App Protect WAF can defend your gRPC bidirectional streaming APIs from attacks in this demo.

https://docs.nginx.com

Additional Resources:

Blog: Secure Your API Gateway with NGINX App Protect WAF
https://www.nginx.com/blog/secure-your-api-gateway-with-nginx-app-protect-waf/

Blog: Securing gRPC APIs with NGINX App Protect WAF
https://www.nginx.com/blog/securing-grpc-apis-with-nginx-app-protect/

Webpage: NGINX App Protect WAF
https://www.nginx.com/products/nginx-app-protect/web-application-firewall/

Datasheet: NGINX App Protect WAF
https://www.nginx.com/resources/datasheets/nginx-app-protect-web-application-firewall/

eBook: Modern App and API Security
https://www.nginx.com/resources/library/modern-app-api-security/

eBook: Mastering API Architecture from O’Reilly
https://www.nginx.com/resources/library/mastering-api-architecture/

Test drive NGINX App Protect WAF today with a 30-day free trial.
https://www.nginx.com/free-trial-request/