Blogs

Source Lists like the OWASP Top 10 in web application security read like a hacker’s shopping list: broken access control, authentication...

Threat detection tools are software systems designed to identify, analyze, and manage malicious activities.

We live in an API-driven world. But, just as APIs connect businesses and users globally, they also offer a gateway to malicious actors.

Learn how to leverage open-appsec / CloudGuard WAF for PCI DSS Requirement 6.4.1-2 Compliance.

APIs are the bilingual translators of the software world, enabling applications to communicate with one another seamlessly. 

Bot detection is the process of identifying beneficial and harmful automated bots that interact with websites or applications. 

A zero-day vulnerability is a digital time bomb that can go off at any time. These vulnerabilities are far more dangerous than others...

Time is critical when a cyber-attack happens - every minute counts. Why wait to respond when an attack happens when you could get ahead?

The Pros and Cons of Cloud Armor (GCP WAF). Why does Google's Cloud Armor not dominate the industry like Google's other products?

Think of bots as online troublemakers. On Twitter alone, 5% of monetizable daily active users are automated bots. The situation is no...

Announcing open-appsec WAF Integration with NGINX Proxy Manager!

Blog examines CVE-2023-36934, a critical vulnerability in MOVEit Transfer software. We detailed the vulnerability's exploitation mechan