open-appsec Reviews

open-appsec Description

open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.

It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.

The open-appsec engine learns how users normally interact with your web application. It then uses this information to automatically detect requests that fall outside of normal operations, and sends those requests for further analysis to decide whether the request is malicious or not.

open-appsec uses two machine learning models:
1. A supervised model that was trained offline based on millions of requests, both malicious and benign.
2. An unsupervised model that is being built in real time in the protected environment. This model uses traffic patterns specific to the environment.

open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.

Pricing

Free Version:

Yes

Free Trial:

Yes

Integrations

View Integrations

Reviews

Total

ease

features

design

support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:

open-appsec

Year Founded:

2022

Headquarters:

Israel

Website:

www.openappsec.io

Update This Listing

Media

open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks

open-appsec uses gamification in order to demonstrate the learning progress so you can always know the learning level and what to do next

Product Details

Platforms

SaaS

Linux

On-Premises

Type of Training

Documentation

Live Online

Videos

Customer Support

Phone Support

24/7 Live Support

Online

open-appsec Features and Options

Web Application Firewalls (WAF)

Access Control / Permissions

Alerts / Notifications

Automate and Orchestrate Security

Automated Attack Detection

DDoS Protection

Dashboard

IP Reputation Checking

Managed Rules

OWASP Protection

Reporting / Analytics

Secure App Delivery

Server Cloaking

Virtual Patching

Zero-Day Attack Prevention

Application Security Software

Analytics / Reporting

Open Source Component Monitoring

Source Code Analysis

Third-Party Tools Integration

Training Resources

Vulnerability Detection

Vulnerability Remediation

API Security Software

Compare open-appsec Against Alternatives

vs.

Reblaze

Reblaze is a cloud-native, fully managed security platform for websites and web applications. Reblaze’s all-in-one solution supports flexible deployment options (cloud, multi-cloud, hybrid, DC), deployed in minutes and includes state-of-the-art Bot Management, API Security, next-gen WAF, DDoS...

Compare
vs.

Fortinet FortiWeb Web Application Firewall

FortiWeb WAF protects web applications and APIs from the OWASP Top 10, zero-day threats, and other application-layer attacks. It also includes robust features such as API discovery and protection, bot mitigation, threat analytics, and advanced reporting.

Compare
vs.

Wallarm WAF

Wallarm Advanced WAF protects websites and APIs from OWASP Top 10 bots and application abuse. There is no need to configure rules and there are very few false positives. Protect against all types of threats. XSS, XXE and SQL Injections. RCE and other OWASP Top 10 Threats. Brute-force attacks,...

Compare
vs.

Traceable

Meet the Industry’s Context-Aware API Security Platform Traceable identifies all of your APIs, and evaluates your API risk posture, stops API attacks that lead to incidents such as data exfiltration, and provides analytics for threat hunting and forensic research. With our solution, you can...

Compare
vs.

ImmuniWeb

ImmuniWeb is a worldwide application security company. ImmuniWeb's headquarter is located in Geneva, Switzerland. Most of ImmuniWeb's customers come from banking, healthcare, and e-commerce. ImmuniWeb® AI Platform leverages award-winning AI and Machine Learning technology for acceleration...

Compare
vs.

CloudGuard AppSec

AppSec powered with contextual AI automates your API protection and application security. AppSec powered by contextual AI is a cloud-native, fully automated application security solution that protects your web applications from attacks. You can now automate the process of setting exceptions and...

Compare
vs.

K2 Security Platform

Protection for applications and container workloads. Real-time Zero Day Attack Prevention. K2 Security Platform is highly efficient in detecting sophisticated attacks against applications that are often not detected by endpoint security solutions like endpoint detection and reaction (EDR) or web...

Compare
vs.

AppTrana

AppTrana, a fully managed Web app firewall, includes Web application scanning to identify application-layer vulnerabilities, instant and managed Risk-based Protection with its WAF and Managed DDOS, and Bot Mitigation service. Web site acceleration can also be provided with a bundled CDN, or can...

Compare

Similar Software

Reblaze

Reblaze is a cloud-native, fully managed security platform for websites and web applications. Reblaze’s all-in-one solution supports flexible deployment options (cloud, multi-cloud, hybrid, DC), deployed in minutes and includes state-of-the-art Bot Management, API Security, next-gen WAF, DDoS...

View Software
Fortinet FortiWeb Web Application Firewall

FortiWeb WAF protects web applications and APIs from the OWASP Top 10, zero-day threats, and other application-layer attacks. It also includes robust features such as API discovery and protection, bot mitigation, threat analytics, and advanced reporting.

View Software
Wallarm WAF

Wallarm Advanced WAF protects websites and APIs from OWASP Top 10 bots and application abuse. There is no need to configure rules and there are very few false positives. Protect against all types of threats. XSS, XXE and SQL Injections. RCE and other OWASP Top 10 Threats. Brute-force attacks,...

View Software
Traceable

Meet the Industry’s Context-Aware API Security Platform Traceable identifies all of your APIs, and evaluates your API risk posture, stops API attacks that lead to incidents such as data exfiltration, and provides analytics for threat hunting and forensic research. With our solution, you can...

View Software