How we deployed open-appsec API Security Schema Validation to protect our own backend systems
top of page


In this blog we describe how we used the open-appsec engine’s Schema Validation capability to protect our own APIs.

Hen Eliyahu
- Mar 13
- 5 min
2023 GigaOm Radar report selects open-appsec as a Leader in the Application and API Security Space
The report evaluates and rates vendors based on a set of key criteria, including security capabilities, ease of use, and overall value.

Christopher Lutat
- Feb 23
- 6 min
open-appsec provides ML-based API Security add-on for Kong API Gateways
open-appsec provides Kong users effective and integrated API Security including preemptive protection against zero-day attacks.

Boris Rozenfeld
- Feb 19
- 4 min
open-appsec ML-based WAF protects against modern SQLi AutoSpear evasion techniques
Researchers from China show that many WAF solutions including AWS, Fortinet, F5, CloudFlare and ModSecurity were vulnerable to SQLi evasions


Fortune Adekogbe
- Feb 6
- 8 min
Deep Dive into open-appsec Machine Learning Technology
Article explains how open-appsec ML-based engine allow pre-emptive protection against zero-days and how to configure it.

Oded Gonda
- Dec 10, 2022
- 4 min
open-appsec / CloudGuard AppSec is the only product known to pre-emptively block Claroty WAF bypass
Claroty developed a bypass for WAF products. The attack involves appending JSON syntax to SQL injection. Many leading WAFs were vulnerable.

Christopher Lutat
- Nov 17, 2022
- 4 min
NGINX WAF and Kubernetes WAF options (App Protect vs. open-appsec)
This articles compares NGINX App Protect signature-based WAF and open-appsec free open-source ML-based WAF.

Mohammed Osman
- Nov 11, 2022
- 7 min
What to do When Your Web Application or API Penetration Test Fails
Why you should perform pentesting, how to fix common issues discovered and how to mitigate using a WAF.


Editorial
- Oct 31, 2022
- 1 min
OpenSSL Vulnerability November 2022 (CVE-2022-3786 and CVE-2022-3602)
open-appsec deployment package does not bring OpenSSL. The library installed during deployment is version 1.1.1, which is not vulnerable.


Roy Barda
- Oct 26, 2022
- 3 min
Open-source code is now published for open-appsec Machine Learning-based WAF
Pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks for Kubernetes Ingress, NGINX, Envoy and API Gateways
Blogs
bottom of page