Audience
DevOps engineers
About open-appsec
automatic web application & API security using machine learning
open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.
It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.
open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.
Other Popular Alternatives & Related Software
Traceable
Meet the Industry’s Context-Aware API Security Platform
Traceable identifies all of your APIs, and evaluates your API risk posture, stops API attacks that lead to incidents such as data exfiltration, and provides analytics for threat hunting and forensic research. With our solution, you can confidently discover, manage and secure all of your APIs, quickly deploy, and easily scale to meet the ongoing needs of your organization.
If you’re planning on improving the data security posture in your APIs, Traceable would love the opportunity to discuss how we could help and share some of our lessons learned from working with enterprise customers like Canon, Informatica, Outreach, and many others.
Learn more
Fortinet FortiWeb Web Application Firewall
Unprotected web applications and APIs are the easiest point of entry for hackers and vulnerable to a number of attack types. FortiWeb's AI-enhanced and multi-layered approach protects your web apps from the OWASP Top 10 and more. FortiWeb ML customizes the protection of each application, providing robust protection without requiring the time-consuming manual tuning required by other solutions. With ML, FortiWeb identifies anomalous behavior and, more importantly, distinguishes between malicious and benign anomalies. The solution also features robust bot mitigation capabilities, allowing benign bots to connect (e.g. search engines) while blocking malicious bot activity. FortiWeb also features API discovery and security, as well as threat analytics to identify meaningful security incidents.
FortiWeb is available as an appliance, VM, and fully featured WAF-as-a-Service - which is available to trial and purchase in most cloud marketplaces.
Learn more
Fastly
Empower your developers, connect with your customers, and grow your business with today’s leading edge cloud platform. Deliver the best online experiences possible with our edge cloud platform, built to strengthen your current teams and technology. We move data and applications closer to your users — at the edge of the network — to help your websites and apps perform faster, safer, and at global scale. Fastly's highly programmable CDN gives you the freedom to customize delivery right at the edge. Delight your users with the content they want at their fingertips. Our powerful POPs, driven by solid-state drives (SSDs) and hosted in well-connected locations around the world, help us keep more content in cache longer for fewer trips to the origin. Instant Purge and batch purging with surrogate keys let you cache and invalidate highly dynamic content with a mean purge time of 150 milliseconds*. Serve headlines, inventory, or weather forecasts that are always up to date.
Learn more
SKUDONET
SKUDONET Enterprise Edition is an Application Delivery and Security Platform built on Linux Debian 12.5 LTS for critical enterprise environments. Formerly known as Zevenet, it provides advanced L4/L7 load balancing, integrated WAF, TLS management with Let’s Encrypt and wildcard support, and protocol-aware traffic inspection across on-premises, hybrid, or cloud deployments, including SkudoCloud SaaS.
A free trial is available for evaluation on the SKUDONET website.
Key Features & Benefits:
• High Availability: Clustering and failover to minimize downtime.
• Advanced Security: WAF, L7 filtering, DoS protection, TLS with Let’s Encrypt and wildcard support.
• Scalability: Optimized for high-throughput workloads with multi-core processing and efficient packet handling.
• Traffic Control: Session persistence, custom routing rules, and granular L4/L7 inspection.
• Centralized Management: Unified dashboard for configuration, monitoring, and policy automation.
Learn more
Pricing
Free Version:
Free Version available.
Free Trial:
Free Trial available.
Integrations
Company Information
open-appsec
Founded: 2022
Israel
www.openappsec.io
Videos and Screen Captures
open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks
Other Useful Business Software
Gemini 3 and 200+ AI Models on One Platform
Build generative AI apps with Vertex AI. Switch between models without switching platforms.
Product Details
Platforms Supported
Cloud
Linux
On-Premises
Training
Documentation
Live Online
Videos
Support
Phone Support
24/7 Live Support
Online
open-appsec Frequently Asked Questions
open-appsec Product Features
Application Security
Analytics / Reporting
Open Source Component Monitoring
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation
Source Code Analysis
Web Application Firewalls (WAF)
Alerts / Notifications
Automate and Orchestrate Security
Automated Attack Detection
Dashboard
IP Reputation Checking
Managed Rules
OWASP Protection
Reporting / Analytics
Zero-Day Attack Prevention
Access Control / Permissions
DDoS Protection
Secure App Delivery
Server Cloaking
Virtual Patching
