open-appsec Description

open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.

It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.

The open-appsec engine learns how users normally interact with your web application. It then uses this information to automatically detect requests that fall outside of normal operations, and sends those requests for further analysis to decide whether the request is malicious or not.

open-appsec uses two machine learning models:
1. A supervised model that was trained offline based on millions of requests, both malicious and benign.
2. An unsupervised model that is being built in real time in the protected environment. This model uses traffic patterns specific to the environment.

open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.

open-appsec Alternatives
Cloudflare Reviews
Cloudflare
(2002 Ratings)
Cloudflare is the foundation of your infrastructure, applications, teams, and software. Cloudflare protects and ensures the reliability and security of your external-facing resources like websites, APIs, applications, and other web services. It protects your internal resources, such as behind-the firewall applications, teams, devices, and devices. It is also your platform to develop globally scalable applications. Your website, APIs, applications, and other channels are key to doing business with customers and suppliers. It is essential that these resources are reliable, secure, and performant as the world shifts online. Cloudflare for Infrastructure provides a complete solution that enables this for everything connected to the Internet. Your internal teams can rely on behind-the-firewall apps and devices to support their work. Remote work is increasing rapidly and is putting a strain on many organizations' VPNs and other hardware solutions.
Learn more
KrakenD Reviews
KrakenD
(71 Ratings)
Engineered for peak performance and efficient resource use, KrakenD can manage a staggering 70k requests per second on just one instance. Its stateless build ensures hassle-free scalability, sidelining complications like database upkeep or node synchronization. In terms of features, KrakenD is a jack-of-all-trades. It accommodates multiple protocols and API standards, offering granular access control, data shaping, and caching capabilities. A standout feature is its Backend For Frontend pattern, which consolidates various API calls into a single response, simplifying client interactions. On the security front, KrakenD is OWASP-compliant and data-agnostic, streamlining regulatory adherence. Operational ease comes via its declarative setup and robust third-party tool integration. With its open-source community edition and transparent pricing model, KrakenD is the go-to API Gateway for organizations that refuse to compromise on performance or scalability.
Learn more
AppTrana Reviews
AppTrana
(1 Rating)
AppTrana, a fully managed Web app firewall, includes Web application scanning to identify application-layer vulnerabilities, instant and managed Risk-based Protection with its WAF and Managed DDOS, and Bot Mitigation service. Web site acceleration can also be provided with a bundled CDN, or can integrate with an existing CDN. All this is backed by a 24x7 managed security expert service that provides policy updates and custom rules with zero false positive guarantee. Only vendor to be named Customers’ Choice for WAAP in all the 7 segments of the Gartner VoC 2022 Report.
Learn more
Traceable Reviews
Traceable
Meet the Industry’s Context-Aware API Security Platform Traceable identifies all of your APIs, and evaluates your API risk posture, stops API attacks that lead to incidents such as data exfiltration, and provides analytics for threat hunting and forensic research. With our solution, you can confidently discover, manage and secure all of your APIs, quickly deploy, and easily scale to meet the ongoing needs of your organization.
Learn more

Pricing

Free Version:
Yes
Free Trial:
Yes

Integrations

View Integrations

Reviews

Total
ease
features
design
support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:
open-appsec
Year Founded:
2022
Headquarters:
Israel
Website:
www.openappsec.io
Update This Listing

Media

open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks

open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks

open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks open-appsec uses gamification in order to demonstrate the learning progress so you can always know the learning level and what to do next
Recommended Products
Stop Storing Third-Party Tokens in Your Database Icon
Stop Storing Third-Party Tokens in Your Database

Auth0 Token Vault handles secure token storage, exchange, and refresh for external providers so you don't have to build it yourself.

Rolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
Try Auth0 for Free

Product Details

Platforms
Web-Based
Linux
On-Premises
Types of Training
Training Docs
Live Training (Online)
Training Videos
Customer Support
Business Hours
Live Rep (24/7)
Online Support

open-appsec Features and Options

Web Application Firewalls (WAF)

Access Control / Permissions
Alerts / Notifications
Automate and Orchestrate Security
Automated Attack Detection
DDoS Protection
Dashboard
IP Reputation Checking
Managed Rules
OWASP Protection
Reporting / Analytics
Secure App Delivery
Server Cloaking
Virtual Patching
Zero-Day Attack Prevention

Application Security Software

Analytics / Reporting
Open Source Component Monitoring
Source Code Analysis
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation

open-appsec User Reviews

Write a Review
  • Previous
  • Next