open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. It can be deployed as an add-on to Kubernetes Ingress, NGINX, Envoy, Kong and API Gateways.
The software’s engine learns how users normally interact with your web application. It then uses this information to automatically detect requests that fall outside of normal operations, and conducts further analysis to decide whether the request is malicious or not.
Upon every HTTP request, all parts are decoded, JSON and XML sections are extracted, and any IP-level access control is applied.
This is free and open source software.
Features include:
- Preemptive – prevent OWASP-Top-10 and zero-day threats against Web App & APIs by using ML-based security without signature updates (e.g. blocked Log4Shell and Spring4Shell with no updates) and scoring based on transaction, user behavior, crowd behavior & content risk. No signatures.
- Continuous learning delivers precise detection, finding more attacks while eliminating constant fine tuning and exception creation inherent in traditional WAFs.
- Cloud native CI/CD-friendly deployment and automation – from installation to upgrades, to configuration – using declarative infra-as-code or APIs.
- Identify and stop automated attacks before intrusion, theft or harm to customer experiences.
- Protect against over 2,800 Web CVEs, based on award winning NSS-Certified IPS and a fully open Snort 3.0.
- Block requests from malicious IPs based on crowd wisdom gathered in real-time from 64,000+ contributing servers via partnership with CrowdSec.
- Prevent malicious files from being uploaded to web apps and APIs. The engine scans uploaded files and consults a huge cloud repository as to the file’s reputation.
- Set a cap on how many requests can be made within a certain period to web apps and APIs, based on identifiers such as IP address or keys within JWT, cookies or headers.
Website: www.openappsec.io
Support: GitHub Code Repository
Developer: Check Point Software Technologies Ltd
License: Apache License 2.0
open-appsec is written in C++. Learn C++ with our recommended free books and free tutorials.
Return to Best Free Web Application Firewalls
| Popular series | |
|---|---|
 | The largest compilation of the best free and open source software in the universe. Each article is supplied with a legendary ratings chart helping you to make informed decisions. |
 | Hundreds of in-depth reviews offering our unbiased and expert opinion on software. We offer helpful and impartial information. |
 | Replace proprietary software with open source alternatives: Google, Microsoft, Apple, Adobe, IBM, Autodesk, Oracle, Atlassian, Corel, Cisco, Intuit, and SAS. |
 | Awesome Free Linux Games Tools showcases a series of tools that making gaming on Linux a more pleasurable experience. This is a new series. |
 | Machine Learning explores practical applications of machine learning and deep learning from a Linux perspective. We've written reviews of more than 40 self-hosted apps. All are free and open source. |
 | New to Linux? Read our Linux for Starters series. We start right at the basics and teach you everything you need to know to get started with Linux. |
 | Alternatives to popular CLI tools showcases essential tools that are modern replacements for core Linux utilities. |
 | Essential Linux system tools focuses on small, indispensable utilities, useful for system administrators as well as regular users. |
 | Linux utilities to maximise your productivity. Small, indispensable tools, useful for anyone running a Linux machine. |
 | Surveys popular streaming services from a Linux perspective: Amazon Music Unlimited, Myuzi, Spotify, Deezer, Tidal. |
 | Saving Money with Linux looks at how you can reduce your energy bills running Linux. |
 | Home computers became commonplace in the 1980s. Emulate home computers including the Commodore 64, Amiga, Atari ST, ZX81, Amstrad CPC, and ZX Spectrum. |
 | Now and Then examines how promising open source software fared over the years. It can be a bumpy ride. |
 | Linux at Home looks at a range of home activities where Linux can play its part, making the most of our time at home, keeping active and engaged. |
 | Linux Candy reveals the lighter side of Linux. Have some fun and escape from the daily drudgery. |
 | Getting Started with Docker helps you master Docker, a set of platform as a service products that delivers software in packages called containers. |
 | Best Free Android Apps. We showcase free Android apps that are definitely worth downloading. There's a strict eligibility criteria for inclusion in this series. |
 | These best free books accelerate your learning of every programming language. Learn a new language today! |
 | These free tutorials offer the perfect tonic to our free programming books series. |
 | Linux Around The World showcases usergroups that are relevant to Linux enthusiasts. Great ways to meet up with fellow enthusiasts. |
 | Stars and Stripes is an occasional series looking at the impact of Linux in the USA. |