Curiefense v1.4 is now available. This is a milestone release; along with a number of updates and additions, Curiefense is now integrated with NGINX.
Open source isn’t open source without community. And so we were very excited to host our very first community meeting where we can bring everyone together in a virtual space to discuss anything and everything to do with Curiefense.
Another high-profile breach is in the news. This time, the victim was compromised through Slack. Here’s what happened, and how Curiefense can help to avoid a similar incident at your organization.
Until recently, Curiefense’s Helm charts were part of the Curiefense repository. Now they have been moved into a separate repo. Here’s why this was done, and the benefits that we expect from this.
As discussed previously, version 1.4 will include some changes to logging. Some of them created a file management problem. We evaluated several options for log file rotation; here’s what we chose, and why.
Our awesome guest this time is Kelsey Hightower, who is Principal Engineer and Principal Staff Advocate at Google in the Google Cloud Platform Division. Kelsey shares with us how ended up in the Cloud Native space, joining Google, and his job offer at NASA. We also learn about how Kelsey succeeds with his live demo’s, why he calls himself a Minimalist.
Curiefense currently offers a variety of outputs for its traffic logs. In version 1.4, this will change, and later, some of its current behavior will be deprecated. In this post, we’ll discuss how and why this is happening.
We chatted to Richard Li – someone who has accomplished building open-source tools that bring tons of value to the community and running a successful commercial business with Ambassador Labs.
How much processing latency does Curiefense introduce? Here are the results from some recent testing, and how you can run the same tests within your own environment.
Mike Sparr is currently the Chief Cloud Architect at DoiT International but comes from a long history of programming and cloud services. Starting off with a beaten-up Tandy TRS-80, Sparr played with computers from the age of 10, learning programming in a range of languages and sparking an obsession with software.
It takes a lot of skill to be able to facilitate a successful CNCF project and we wanted to get a sense of what it looks like in the trenches. So, we spoke to William Morgan to delve into the good, the bad, and the ugly.
The previous article discussed the data protection and privacy advantages of a dedicated single-tenant security architecture. This article continues this theme and discusses performance and cost.
Most commercial web security solutions are based on a multi-tenant architecture. Curiefense is single-tenant; here's why this is important, and the advantages that this architecture provides.
In a service mesh architecture, can legacy security solutions still be used, or will a different approach be required? What about cloud-based solutions? Is there a way to make security an inherent part of the mesh? These questions are the focus of this article.
The Cloud Native Ecosystem continues to develop and expand its reach as more and more entrepreneurs see pain points in the developer landscape and seek to fill those gaps.
Many organizations today have embraced microservices; they have abandoned the legacy, monolithic infrastructure of applications in the past, and moved into a world of APIs, cloud native infrastructure, and containerization. However, while microservices provide many benefits, they also introduce unique challenges.
A lot has happened since the initial release of v1.0 in November, and not just in our changelog. Here are some of the highlights.
Curiefense has been accepted as a Sandbox Project within the Cloud Native Computing Foundation. Here's what this means, now and going forward.
The previous article on Hostile Bot Detection discussed why it is so important, and the problems with using reCAPTCHA for this. Now in part 2, we'll discuss how Curiefense identifies and filters malicious bots.
reCAPTCHA is a popular service for automatically excluding bots, but there is a growing dissatisfaction over its UX, effectiveness, and potential lack of privacy. For organizations seeking an alternative, what is available to replace it?
This article continues the discussion of API security mechanisms, including session flow control, behavioral profiling, content filtering, hostile bot detection, and deep packet inspection.
As Envoy Proxy continues to grow and becomes more widely adopted, a natural next step is to add security capabilities. Curiefense leverages Envoy's extensibility and flexibility to provide traffic filtering for a wide variety of use cases.
Curiefense includes a number of security mechanisms for defending APIs against hostile traffic. This article discusses API Discovery, Identity-Based Filtering, Mobile Client Authentication, Behavior Enforcement, and Rate Limiting.
API security is increasingly important on the web today. However, filtering API traffic is, in some ways, quite different than protecting a web application. Here's how Curiefense approaches these challenges.
Reblaze Data Scientist Tamara Shostak writes about being inspired by Marie Curie and the example she set by her life, work ethic, and extensive accomplishments.
Curiefense's WAF protects against a wide range of attacks. It includes an extensive database of threat signatures, and users can create custom security policies as well. Here are its capabilities and how to use them.
Curiefense represents a new approach to web security: traffic filtering done directly within the service mesh. Here’s how it works.
Curiefense is a new open-source cloud-native application security platform. It integrates security directly into modern service architectures, and offers multiple benefits that were not previously available in this form.
To filter HTTP traffic, Curiefense uses an intuitive tag-based system. It's flexible and powerful, but still straightforward to understand and use. Here's how it works.
Welcome to Curiefense. Curiefense is a new application security platform which protects sites, services, and APIs. It extends Envoy proxy to defend against a variety of threats, including SQL and command injection, cross site scripting (XSS), account takeovers (ATOs), application-layer DDoS, remote file inclusion (RFI), API abuse, and more.