Blogs

Learn how to leverage open-appsec / CloudGuard WAF for PCI DSS Requirement 6.4.1-2 Compliance.

Announcing open-appsec WAF Integration with NGINX Proxy Manager!

Blog examines CVE-2023-36934, a critical vulnerability in MOVEit Transfer software. We detailed the vulnerability's exploitation mechan

open-appsec events can be seen in the open-appsec central management WebUI. Here we explain how these events can also be displayed in SIEM.

How IT Creation, Netherlands transitioned from ModSecurity WAF to a machine-learning based open source WAF.

Gamification and metaphors can make AI's learning journey more transparent and relatable, explained on an open-source ML-based WAF

In this blog we describe how to secure MicroK8s Kubernetes cluster on an Ubuntu machine, using open-appsec based on NGINX ingress controller

ModSecurity will reach “End of Life“ by 31.3.2024. This blog explains how open-appsec can offer an open-source, free, ML-based alternative

In this blog we explain how to protect GraphQL applications effectively without any change to the protected application, using open-appsec.

On Monday August 28th, 2023 at 9:31 GMT open-appsec team was notified by email about a potential issue with the Web Portal Events view...

We conducted an experiment developing in two methods: traditional vs. ChatGPT. We share the process and what we learned.

Which WAF delivers the best Security and Detection Quality? We tested AWS, Azure, CloudFlare, F5 NGINX, ModSec, open-appsec / CloudGuard.

In this article, we will present how open-appsec's capabilities can help address each of the OWASP-Top-10 risks.

To explain the inner mechanics of open-appsec’s contextual ML engine, we created a video session, led by open-appsec PM, Christopher Lutat

In this blog we explain how to deploy open-appsec in SWAG version 2.5.0 in different options for self-compilation per OS and version.

In this article you will learn how to easily migrate or connect an existing local open-appsec deployment to the WebUI management portal.

This new integration allows open-appsec to connect to the CrowdSec local API to consume the CrowdSec Threat Intelligence.

In this blog we describe how we used the open-appsec engine’s Schema Validation capability to protect our own APIs.

The report evaluates and rates vendors based on a set of key criteria, including security capabilities, ease of use, and overall value.

open-appsec provides Kong users effective and integrated API Security including preemptive protection against zero-day attacks.