Blogs

CSRF and XSS are popular, sneaky tactics attackers use to exploit customers' trust by hijacking user sessions and stealing sensitive data.

WAF testing is a systematic approach to evaluating the effectiveness of a WAF in detecting and mitigating potential security risks.

open-appsec events can be seen in the open-appsec central management WebUI. Here we explain how these events can also be displayed in SIEM.

Over the past few years, Kubernetes (K8s) has emerged as the leading container orchestration platform for developers, offering the...

Web applications are magnets for cyber attacks, like DDoS, SQL hacks, and XSS, which can steal data, cause financial problems, and damage...

How IT Creation, Netherlands transitioned from ModSecurity WAF to a machine-learning based open source WAF.

Modern web applications are constantly under attack from various threats. These threats span from well-known XSS and SQL injection...

Gamification and metaphors can make AI's learning journey more transparent and relatable, explained on an open-source ML-based WAF

In this blog we describe how to secure MicroK8s Kubernetes cluster on an Ubuntu machine, using open-appsec based on NGINX ingress controller

Navigating the intricate landscape of cloud services can be a daunting endeavor, especially when considering the cost implications. Among...

Thanks to the Open Web Application Security Project (OWASP) framework, we now have robust rules to guard against the most common security...

Sophisticated attacks and complex environments are raising the bar for security standards, with known and unknown vulnerabilities...