How we deployed open-appsec API Security Schema Validation to protect our own backend systems
top of page
In this blog we describe how we used the open-appsec engine’s Schema Validation capability to protect our own APIs.
2023 GigaOm Radar report selects open-appsec as a Leader in the Application and API Security Space
The report evaluates and rates vendors based on a set of key criteria, including security capabilities, ease of use, and overall value.
open-appsec provides ML-based API Security add-on for Kong API Gateways
open-appsec provides Kong users effective and integrated API Security including preemptive protection against zero-day attacks.
open-appsec ML-based WAF protects against modern SQLi AutoSpear evasion techniques
Researchers from China show that many WAF solutions including AWS, Fortinet, F5, CloudFlare and ModSecurity were vulnerable to SQLi evasions
Deep Dive into open-appsec Machine Learning Technology
Article explains how open-appsec ML-based engine allow pre-emptive protection against zero-days and how to configure it.
open-appsec / CloudGuard AppSec is the only product known to pre-emptively block Claroty WAF bypass
Claroty developed a bypass for WAF products. The attack involves appending JSON syntax to SQL injection. Many leading WAFs were vulnerable.
NGINX WAF and Kubernetes WAF options (App Protect vs. open-appsec)
This articles compares NGINX App Protect signature-based WAF and open-appsec free open-source ML-based WAF.
What to do When Your Web Application or API Penetration Test Fails
Why you should perform pentesting, how to fix common issues discovered and how to mitigate using a WAF.
OpenSSL Vulnerability November 2022 (CVE-2022-3786 and CVE-2022-3602)
open-appsec deployment package does not bring OpenSSL. The library installed during deployment is version 1.1.1, which is not vulnerable.
Open-source code is now published for open-appsec Machine Learning-based WAF
Pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks for Kubernetes Ingress, NGINX, Envoy and API Gateways
bottom of page