open-appsec is a machine learning security engine that preemptively and automatically prevents threats against web applications and APIs. It can be deployed as an add-on to Kubernetes Ingress, NGINX, Envoy, Kong and API Gateways.
The software’s engine learns how users normally interact with your web application. It then uses this information to automatically detect requests that fall outside of normal operations, and conducts further analysis to decide whether the request is malicious or not.
Upon every HTTP request, all parts are decoded, JSON and XML sections are extracted, and any IP-level access control is applied.
This is free and open source software.
Key Features
- Preemptive – prevent OWASP-Top-10 and zero-day threats against Web App & APIs by using ML-based security without signature updates (e.g. blocked Log4Shell and Spring4Shell with no updates) and scoring based on transaction, user behavior, crowd behavior & content risk. No signatures.
- Continuous learning delivers precise detection, finding more attacks while eliminating constant fine tuning and exception creation inherent in traditional WAFs.
- Cloud native CI/CD-friendly deployment and automation – from installation to upgrades, to configuration – using declarative infra-as-code or APIs.
- Identify and stop automated attacks before intrusion, theft or harm to customer experiences.
- Protect against over 2,800 Web CVEs, based on award-winning NSS-Certified IPS and a fully open Snort 3.0.
- Block requests from malicious IPs based on crowd wisdom gathered in real-time from 64,000+ contributing servers via partnership with CrowdSec.
- Prevent malicious files from being uploaded to web apps and APIs. The engine scans uploaded files and consults a huge cloud repository as to the file’s reputation.
- Set a cap on how many requests can be made within a certain period to web apps and APIs, based on identifiers such as IP address or keys within JWT, cookies or headers.
Website: www.openappsec.io
Support: GitHub Code Repository
Developer: Check Point Software Technologies Ltd
License: Apache License 2.0
open-appsec is written in C++.
Related Software
| Web Application Firewalls | |
|---|---|
| ModSecurity | Web Application Firewall Engine for Apache, IIS and Nginx |
| BunkerWeb | Next-generation Web Application Firewall |
| NAXSI | Nginx Anti XSS & SQL Injection |
| Coraza | Enterprise grade, Golang port of ModSecurity |
| open-appsec | Automatic web application and API security using machine learning |
| lua-resty-waf | High Performance WAF Built on the OpenResty Stack |

