open-appsec
open-appsec (openappsec.io) in an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.
Features
- Web Application Firewall
- Nginx
Tags
- kubernetes-waf
- appsec
- Cloud Security
- api-security
- Web Application Security
- owasp
open-appsec News & Activities
Recent activities
Danilo_Venom added open-appsec as alternative to Anubis
uusec added open-appsec as alternative to UUSEC WAF
open-appsec information
Developed by
open-appsecLicensing
Open Source (Apache-2.0) and Free product.Pricing
One time purchase that costs $0, and / or subscription that costs $0 per month.Written in
Alternatives
11 alternatives listedSupported Languages
- English
What is open-appsec?
open-appsec (openappsec.io) in an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.
It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.
The open-appsec engine learns how users normally interact with your web application. It then uses this information to automatically detect requests that fall outside of normal operations, and sends those requests for further analysis to decide whether the request is malicious or not.
open-appsec uses two machine learning models:
A supervised model that was trained offline based on millions of requests, both malicious and benign.
An unsupervised model that is being built in real time in the protected environment. This model uses traffic patterns specific to the environment.
open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.