Audience
DevOps engineers
About open-appsec
automatic web application & API security using machine learning
open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.
It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.
open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.
Other Popular Alternatives & Related Software
Resurface
Resurface is a runtime API security solution. Detect and respond to API threats and risk in real-time with Resurface continuous API scanning. Purpose-built for API data, Resurface captures complete request and response payloads (including GraphQL) to instantly see threats and failures. Get alerts on data breaches for zero-day detection and response.
Mapped to OWASP Top10, Resurface alerts on threats with complete data security patterns and behaviors. Resurface is self-hosted, all data is first-party, installed with a single Helm command.
Resurface is the only API security solution engineered for deep inspection at scale. Handling millions of API calls, Resurface detects and alerts on active attacks. Machine learning models indicate anomalies and identify low-and-slow attack patterns.
Learn more
Traceable
Meet the Industry’s Context-Aware API Security Platform
Traceable identifies all of your APIs, and evaluates your API risk posture, stops API attacks that lead to incidents such as data exfiltration, and provides analytics for threat hunting and forensic research. With our solution, you can confidently discover, manage and secure all of your APIs, quickly deploy, and easily scale to meet the ongoing needs of your organization.
If you’re planning on improving the data security posture in your APIs, Traceable would love the opportunity to discuss how we could help and share some of our lessons learned from working with enterprise customers like Canon, Informatica, Outreach, and many others.
Learn more
Ambassador
Ambassador Edge Stack is a Kubernetes-native API Gateway that delivers the scalability, security, and simplicity for some of the world's largest Kubernetes installations. Edge Stack makes securing microservices easy with a comprehensive set of security functionality, including automatic TLS, authentication, rate limiting, WAF integration, and fine-grained access control.
The API Gateway contains a modern Kubernetes ingress controller that supports a broad range of protocols including gRPC and gRPC-Web, supports TLS termination, and provides traffic management controls for resource availability.
Why use Ambassador Edge Stack API Gateway?
- Accelerate Scalability: Manage high traffic volumes and distribute incoming requests across multiple backend services, ensuring reliable application performance.
- Enhanced Security: Protect your APIs from unauthorized access and malicious attacks with robust security features.
- Improve Productivity & Developer Experience
Learn more
AppTrana
Indusface’s AppTrana is a fully managed web application firewall that ensures risk-based protection with its DDoS, API risk, and Bot mitigation services while assuring web acceleration with secure CDN. Combining automated scanning with manual pen-testing, it detects application vulnerabilities. All of this with 24x7 expert support to meet zero false-positive guarantees.
Indusface is the only vendor to be named Customers’ Choice for WAAP in all the 7 segments of the Gartner VoC 2022 Report.
Learn more
Pricing
Free Version:
Free Version available.
Free Trial:
Free Trial available.
Integrations
Company Information
open-appsec
Founded: 2022
Israel
www.openappsec.io
Videos and Screen Captures
open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks
You Might Also Like
MongoDB Atlas runs apps anywhere
MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
Product Details
Platforms Supported
Cloud
Linux
On-Premises
Training
Documentation
Live Online
Videos
Support
Phone Support
24/7 Live Support
Online
open-appsec Frequently Asked Questions
open-appsec Product Features
Application Security
Analytics / Reporting
Open Source Component Monitoring
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation
Source Code Analysis
Web Application Firewalls (WAF)
Alerts / Notifications
Automate and Orchestrate Security
Automated Attack Detection
Dashboard
IP Reputation Checking
Managed Rules
OWASP Protection
Reporting / Analytics
Zero-Day Attack Prevention
Access Control / Permissions
DDoS Protection
Secure App Delivery
Server Cloaking
Virtual Patching