Audience
DevOps engineers
About open-appsec
automatic web application & API security using machine learning
open-appsec is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.
It can be deployed as add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.
open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.
Pricing
Free Version:
Free Version available.
Free Trial:
Free Trial available.
Integrations
Company Information
open-appsec
Founded: 2022
Israel
www.openappsec.io
Videos and Screen Captures
open-appsec uses a Contextual Machine Learning Engine that utilizes a three-phase approach for detecting and preventing Web application and API attacks
Resurface
Resurface is a runtime API security solution. Detect and respond to API threats and risk in real-time with Resurface continuous API scanning. Purpose-built for API data, Resurface captures complete request and response payloads (including GraphQL) to instantly see threats and failures. Get alerts on data breaches for zero-day detection and response.
Mapped to OWASP Top10, Resurface alerts on threats with complete data security patterns and behaviors. Resurface is self-hosted, all data is first-party, installed with a single Helm command.
Resurface is the only API security solution engineered for deep inspection at scale. Handling millions of API calls, Resurface detects and alerts on active attacks. Machine learning models indicate anomalies and identify low-and-slow attack patterns.
Learn more
AppTrana
Indusface’s AppTrana is a fully managed web application firewall that ensures risk-based protection with its DDoS, API risk, and Bot mitigation services while assuring web acceleration with secure CDN. Combining automated scanning with manual pen-testing, it detects application vulnerabilities. All of this with 24x7 expert support to meet zero false-positive guarantees.
Indusface is the only vendor to be named Customers’ Choice for WAAP in all the 7 segments of the Gartner VoC 2022 Report.
Learn more
Fortinet FortiWeb Web Application Firewall
Unprotected web applications and APIs are the easiest point of entry for hackers and vulnerable to a number of attack types. FortiWeb's AI-enhanced and multi-layered approach protects your web apps from the OWASP Top 10 and more. FortiWeb ML customizes the protection of each application, providing robust protection without requiring the time-consuming manual tuning required by other solutions. With ML, FortiWeb identifies anomalous behavior and, more importantly, distinguishes between malicious and benign anomalies. The solution also features robust bot mitigation capabilities, allowing benign bots to connect (e.g. search engines) while blocking malicious bot activity. FortiWeb also features API discovery and security, as well as threat analytics to identify meaningful security incidents.
FortiWeb is available as an appliance, VM, and fully featured WAF-as-a-Service - which is available to trial and purchase in most cloud marketplaces.
Learn more
Traceable
Meet the Industry’s Context-Aware API Security Platform
Traceable identifies all of your APIs, and evaluates your API risk posture, stops API attacks that lead to incidents such as data exfiltration, and provides analytics for threat hunting and forensic research. With our solution, you can confidently discover, manage and secure all of your APIs, quickly deploy, and easily scale to meet the ongoing needs of your organization.
If you’re planning on improving the data security posture in your APIs, Traceable would love the opportunity to discuss how we could help and share some of our lessons learned from working with enterprise customers like Canon, Informatica, Outreach, and many others.
Learn more
You Might Also Like
Venn is a secure workspace for remote work that isolates and protects work from any personal use on the same computer. Work lives in a secure local enclave that is company controlled, where all data is encrypted and access is managed. Within the enclave – visually indicated by the Blue Border around these applications – business activity is walled off from anything that happens on the personal side. As a result, work and personal uses can now safely coexist on the same computer.
Product Details
Platforms Supported
SaaS
Linux
On-Premises
Training
Documentation
Live Online
Videos
Support
Phone Support
24/7 Live Support
Online
open-appsec Frequently Asked Questions
open-appsec Product Features
Application Security
Analytics / Reporting
Open Source Component Monitoring
Third-Party Tools Integration
Training Resources
Vulnerability Detection
Vulnerability Remediation
Source Code Analysis
Web Application Firewalls (WAF)
Alerts / Notifications
Automate and Orchestrate Security
Automated Attack Detection
Dashboard
IP Reputation Checking
Managed Rules
OWASP Protection
Reporting / Analytics
Zero-Day Attack Prevention
Access Control / Permissions
DDoS Protection
Secure App Delivery
Server Cloaking
Virtual Patching