top of page
Blogs
NGINX WAF and Kubernetes WAF options (App Protect vs. open-appsec)
This articles compares NGINX App Protect signature-based WAF and open-appsec free open-source ML-based WAF.
Christopher Lutat
Nov 17, 20224 min read
What to do When Your Web Application or API Penetration Test Fails
Why you should perform pentesting, how to fix common issues discovered and how to mitigate using a WAF.
Mohammed Osman
Nov 11, 20227 min read
OpenSSL Vulnerability November 2022 (CVE-2022-3786 and CVE-2022-3602)
open-appsec deployment package does not bring OpenSSL. The library installed during deployment is version 1.1.1, which is not vulnerable.
Editorial
Oct 31, 20221 min read
Open-source code is now published for open-appsec Machine Learning-based WAF
Pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks for Kubernetes Ingress, NGINX, Envoy and API Gateways
Roy Barda
Oct 26, 20223 min read
open-appsec/CloudGuard AppSec preemptive protection for text4shell zero-day attack (CVE-2022-42889)
open-appsec ML-based WAF provides out-of-the-box protection against the latest "text4shell” vulnerability (CVE-2022-42889)
Christopher Lutat
Oct 18, 20223 min read
17 hours to react to zero-day threats -- good enough? A perspective on Forrester’s WAF Vendors Wave
In today's environment of tested and proven ML, there is no reason to accept low expectations for protection.
Oded Gonda
Sep 30, 20225 min read
Zero day attack prevention
A deep look at zero-day exploits and whether it is possible to avoid being the victim of one.
Thinus Swart
Sep 18, 20228 min read
Hello, world! About open-appsec beta.
Open-source has enabled the tech industry to creatively use, build, connect and innovate. Can you imagine a modern tech stack without...
Oded Gonda
Aug 25, 20222 min read
Log4Shell Preemptive Protection
How Micah protected his startup's Kubernetes by deploying open-appsec using GitOps CD to provide preemptive Log4Shell protection Micah is...
Editorial
Jul 14, 20222 min read
ModSecurity Alternative
How Jonathan replaced his soon-unsupported ModSecurity WAF with open-appsec's free Community Edition to protect EKS environments and...
Editorial
Jul 14, 20222 min read
Remediate Pentest results
How Jessica remediated major security weaknesses uncovered by a pentesting company in her manufacturing company's Web APIs and Web...
Editorial
Jul 14, 20223 min read
bottom of page