Application security reimagined

Automated. Cloud native. Open source.

Curiefense extends Envoy proxy to protect all forms of web traffic: sites, apps, services, and APIs. Includes Bot Management, WAF, application-layer DDoS protection, session profiling, advanced rate limiting, and much more, in a unified open source platform.

Created by

Reblaze, the cloud-native web
security company

Enterprise Customers
Web apps and APIs
Daily HTTP Requests


What our clients are saying

“What Curiefense brings is that historical ability of Web Application Firewall to the new frontier within a microservices stack.”
Chris Ferreira — Sr. Cloud Platform Architect | Sr. Technical Leader @ Cisco
“At eCG protection consumer data in priority #1, today I can sleep a bit easier at night knowing the Reblaze solution is there fighting bad bot traffic in defense of our sites and consumers.”
James Bynoe — Head of Information Security & Compliance @ ebay
“Curiefense’s tight integration with Envoy and will allow for rapid iteration and robust collaboration on this critical component, .. and evolve the status quo in OSS WAF solutions.”
Matt Klein — Creator of Envoy

Enterprise-grade web security

Control your traffic

  • Precision

    Precise ACLs give granular control over traffic filtering.

  • Accurate anomaly detection

    Biometric analysis constructs behavioral profiles of legitimate usage for the protected applications and APIs. Deviators can be flagged for closer monitoring, or immediately blocked.

  • Advanced bot management

    Curiefense blocks even sophisticated hostile bots that masquerade as human users.

Robust defenses

automated protection

  • HTTP Filtering

    Protects all forms of web traffic: sites, apps, services, and APIs. Includes WAF, L7 DDoS, bot mitigation, and more.

  • Automation

    Auto-updates security policies as the threat environment changes.

  • Rigorous

    Machine Learning creates specific profiles, customized for the applications and APIs being defended.

By developers, for developers


security platform

  • Supports DevOps/IaC
  • Driveable by UI, cURL, and Swagger
  • Configurations are imported/exported in JSON/YAML
  • All data and configurations versioned in Git
  • Supports branched environments (e.g., Prod/Devops/QA)

 Platform agnostic

Runs anywhere

Runs on cloud VMs and as an Envoy plugin. Deployment options include Docker Compose, Helm chart, and Terraform. More options are pending.

Logs, dashboards, and alerts

Real-time traffic data

All details (headers and payloads) of all requests are available for display. Curiefense includes Grafana dashboards out of the box, or use your own visualization framework.

Security baked into your environment

Maximum privacy and performance

Curiefense moves your security back into your network.

  • Eliminates third-party access to your data and metrics.
  • Avoids third-party latency and costs.
  • No traffic or data is decrypted outside your perimeter. Compliance is a breeze.

Ready to roll?

Reblaze Technologies was an early pioneer in leveraging cloud technologies and Machine Learning for web security, and has continued to lead the industry in key areas such as biometric human detection and bot recognition. Reblaze was highlighted as a cybersecurity innovator at the two most recent Google Cloud Next events in San Francisco, including a live demo that was given during a keynote session by the Senior Product Manager of Google Cloud.