open-appsec

open-appsec (openappsec.io) is an open-source initiative that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks.

It can be deployed as an add-on to Kubernetes Ingress, NGINX, Envoy and API Gateways.

The open-appsec engine learns how users normally interact with a web application. It then uses this information to automatically detect requests that fall outside of normal operations and sends those requests for further analysis to decide whether the request is malicious or not.

open-appsec uses two machine learning models:

1. A supervised model that was trained offline based on millions of requests, both malicious and benign.

2. An unsupervised model that is being built in real time in the protected environment. This model uses traffic patterns specific to the environment.

open-oppsec simplifies maintenance as there is no threat signature upkeep and exception handling, like common in many WAF solutions.