top of page
Blogs
open-appsec ML-based WAF protects against modern SQLi AutoSpear evasion techniques
Modern SQLi evasion techniques evolve day by day raising the question of whether traditional WAF systems are able to handle this challenge.
Boris Rozenfeld
Feb 19, 20234 min read
Deep Dive into open-appsec Machine Learning Technology
Article explains how open-appsec ML-based engine allow pre-emptive protection against zero-days and how to configure it.
Fortune Adekogbe
Feb 6, 20238 min read
open-appsec / CloudGuard AppSec is the only product known to pre-emptively block Claroty WAF bypass
Claroty developed a bypass for WAF products. The attack involves appending JSON syntax to SQL injection. Many leading WAFs were vulnerable.
Oded Gonda
Dec 9, 20224 min read
NGINX WAF and Kubernetes WAF options (App Protect vs. open-appsec)
This articles compares NGINX App Protect signature-based WAF and open-appsec free open-source ML-based WAF.
Christopher Lutat
Nov 17, 20224 min read
What to do When Your Web Application or API Penetration Test Fails
Why you should perform pentesting, how to fix common issues discovered and how to mitigate using a WAF.
Mohammed Osman
Nov 11, 20227 min read
OpenSSL Vulnerability November 2022 (CVE-2022-3786 and CVE-2022-3602)
open-appsec deployment package does not bring OpenSSL. The library installed during deployment is version 1.1.1, which is not vulnerable.
Editorial
Oct 31, 20221 min read
Open-source code is now published for open-appsec Machine Learning-based WAF
Pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks for Kubernetes Ingress, NGINX, Envoy and API Gateways
Roy Barda
Oct 26, 20223 min read
open-appsec/CloudGuard AppSec preemptive protection for text4shell zero-day attack (CVE-2022-42889)
open-appsec ML-based WAF provides out-of-the-box protection against the latest "text4shell” vulnerability (CVE-2022-42889)
Christopher Lutat
Oct 18, 20223 min read
17 hours to react to zero-day threats -- good enough? A perspective on Forrester’s WAF Vendors Wave
In today's environment of tested and proven ML, there is no reason to accept low expectations for protection.
Oded Gonda
Sep 30, 20225 min read
Zero day attack prevention
A deep look at zero-day exploits and whether it is possible to avoid being the victim of one.
Thinus Swart
Sep 18, 20228 min read
Hello, world! About open-appsec beta.
Open-source has enabled the tech industry to creatively use, build, connect and innovate. Can you imagine a modern tech stack without...
Oded Gonda
Aug 25, 20222 min read
bottom of page