The open source cloud native application security platform.

Curiefense protects all forms of web traffic, services, and APIs. It includes bot management, WAF, application-layer DDoS protection, session profiling, advanced rate limiting, and much more.

Get Started

View Video

A CNCF Sandbox Project

Enterprise-grade web security

Control your traffic

  • Precision

    Precise ACLs give granular control over traffic filtering.

  • Accurate anomaly detection

    Biometric analysis constructs behavioral profiles of legitimate usage for the protected applications and APIs. Deviators can be flagged for closer monitoring, or immediately blocked.

  • Advanced bot management

    Curiefense blocks even sophisticated hostile bots that masquerade as human users.

Robust defenses

Comprehensive,
automated protection

  • HTTP Filtering

    Protects all forms of web traffic: sites, apps, services, and APIs. Includes WAF, L7 DDoS, bot mitigation, and more.

  • Automation

    Auto-updates security policies as the threat environment changes.

  • Granular

    Allows security profiles to be applied at any scale, from entire domains to individual URLs.

For developers, by developers

API-first
security platform

  • Supports DevOps/IaC/GitOps
  • Driveable by UI, cURL, and Swagger
  • Configurations are imported/exported in JSON/YAML
  • All data and configurations versioned in Git
  • Supports branched environments (e.g., Prod/Devops/QA)

 Platform agnostic

Runs anywhere

Runs on cloud VMs and as an Envoy plugin. Deployment options include Docker Compose, Helm chart, Terraform, with more on the way.

Logs, dashboards, and alerts

Real-time traffic data

All details (headers and payloads) of all requests are available for display. Curiefense includes Grafana dashboards out of the box, or use your own visualization framework.


Security baked into your environment

Maximum privacy and performance

Curiefense moves your security back into your network.

  • Eliminates third-party access to your data and metrics.
  • Avoids third-party latency and costs.
  • No traffic or data is decrypted outside your perimeter. Compliance is a breeze.

Endorsements

What our users are saying

“At eCG protection consumer data in priority #1, today I can sleep a bit easier at night knowing it is there fighting bad bot traffic in defense of our sites and consumers.”
James Bynoe — Head of Information Security & Compliance @ ebay
“Curiefense’s tight integration with Envoy and will allow for rapid iteration and robust collaboration on this critical component, .. and evolve the status quo in OSS WAF solutions.”
Matt Klein — Creator of Envoy
“What Curiefense brings is that historical ability of Web Application Firewall to the new frontier within a microservices stack.”
Chris Ferreira — Sr. Cloud Platform Architect | Sr. Technical Leader @ Cisco

Created by

Reblaze, the cloud native security company

Curiefense is named in honor of the famous scientist Marie Curie. The first version was developed in Malakoff, France, a few hundred meters from her home and laboratory. Curiefense was originally created by Reblaze.

© Curiefense Contributors 2020-2021
Edit This Page
© 2021 The Linux Foundation. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks.
For a list of trademarks of The Linux Foundation, please see our Trademark Usage page.