Audience
DevOps engineers
About open-appsec
automatic web application & API security using machine learning
open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.
It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.
open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.
Other Popular Alternatives & Related Software
Fortinet FortiWeb Web Application Firewall
Unprotected web applications and APIs are the easiest point of entry for hackers and vulnerable to a number of attack types. FortiWeb's AI-enhanced and multi-layered approach protects your web apps from the OWASP Top 10 and more. FortiWeb ML customizes the protection of each application, providing robust protection without requiring the time-consuming manual tuning required by other solutions. With ML, FortiWeb identifies anomalous behavior and, more importantly, distinguishes between malicious and benign anomalies. The solution also features robust bot mitigation capabilities, allowing benign bots to connect (e.g. search engines) while blocking malicious bot activity. FortiWeb also features API discovery and security, as well as threat analytics to identify meaningful security incidents.
FortiWeb is available as an appliance, VM, and fully featured WAF-as-a-Service - which is available to trial and purchase in most cloud marketplaces.
Learn more
AppTrana
Indusface’s AppTrana is a fully managed web application firewall that ensures risk-based protection with its DDoS, API risk, and Bot mitigation services while assuring web acceleration with secure CDN. Combining automated scanning with manual pen-testing, it detects application vulnerabilities. All of this with 24x7 expert support to meet zero false-positive guarantees.
Indusface is the only vendor to be named Customers’ Choice for WAAP in all the 7 segments of the Gartner VoC 2022 Report.
Learn more
Ambassador
Ambassador Edge Stack is a Kubernetes-native API Gateway that delivers the scalability, security, and simplicity for some of the world's largest Kubernetes installations. Edge Stack makes securing microservices easy with a comprehensive set of security functionality, including automatic TLS, authentication, rate limiting, WAF integration, and fine-grained access control.
The API Gateway contains a modern Kubernetes ingress controller that supports a broad range of protocols including gRPC and gRPC-Web, supports TLS termination, and provides traffic management controls for resource availability.
Why use Ambassador Edge Stack API Gateway?
- Accelerate Scalability: Manage high traffic volumes and distribute incoming requests across multiple backend services, ensuring reliable application performance.
- Enhanced Security: Protect your APIs from unauthorized access and malicious attacks with robust security features.
- Improve Productivity & Developer Experience
Learn more
Resurface
Resurface is a runtime API security solution. Detect and respond to API threats and risk in real-time with Resurface continuous API scanning. Purpose-built for API data, Resurface captures complete request and response payloads (including GraphQL) to instantly see threats and failures. Get alerts on data breaches for zero-day detection and response.
Mapped to OWASP Top10, Resurface alerts on threats with complete data security patterns and behaviors. Resurface is self-hosted, all data is first-party, installed with a single Helm command.
Resurface is the only API security solution engineered for deep inspection at scale. Handling millions of API calls, Resurface detects and alerts on active attacks. Machine learning models indicate anomalies and identify low-and-slow attack patterns.
Learn more
Pricing
Free Version:
Free Version available.
Free Trial:
Free Trial available.
Integrations
Company Information
open-appsec
Founded: 2022
Israel
www.openappsec.io
Videos and Screen Captures
open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks
Other Useful Business Software
MongoDB Atlas runs apps anywhere
MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
Product Details
Platforms Supported
Cloud
Linux
On-Premises
Training
Documentation
Live Online
Videos
Support
Phone Support
24/7 Live Support
Online
open-appsec Frequently Asked Questions
open-appsec Product Features
Application Security
Analytics / Reporting
Open Source Component Monitoring
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation
Source Code Analysis
Web Application Firewalls (WAF)
Alerts / Notifications
Automate and Orchestrate Security
Automated Attack Detection
Dashboard
IP Reputation Checking
Managed Rules
OWASP Protection
Reporting / Analytics
Zero-Day Attack Prevention
Access Control / Permissions
DDoS Protection
Secure App Delivery
Server Cloaking
Virtual Patching