Capabilities and more

The features and benefits of Curiefense.

What it does, and how it does it.

Comprehensive web security

A fully operational system that is free, open source, and extensible.

Curiefense provides multiple security technologies encapsulated into a single platform, protecting against a wide range of threats.

Web Application Firewall

Curiefense’s full-featured WAF protects against the OWASP Top 10 and many other threats:

  • Negative security features (signatures, block-listing, etc.) exclude known threats.
  • Positive security features (input validation, schema enforcement, etc.) exclude anomalies and zero-days.
  • The platform has capabilities that are not offered by many commercial solutions, including content filtering, payload inspection, behavioral profiling, and more.

Application-Layer DDoS Protection

Curiefense defends against layer 7 DoS/DDoS at all scales, from massive DDoS botnet assaults to single malformed-packet DoS attempts.

Advanced Rate Limiting

Curiefense provides rate-limiting capabilities, definable at any scope (from globally down to individual URLs). Traffic sources are blocked when their requests exceed predefined limits. This mechanism has a wide variety of beneficial uses, including:

  • Prevention of account takeover attacks (credential stuffing, credential discovery, etc.)
  • Prevention of other brute-force threats, e.g. payment card validation
  • Detecting anomalies, e.g. a single user changes geolocation multiple times
  • Blocking inventory denial attacks
  • And more

API Security

APIs and services are protected with the full range of capabilities that are applied to web applications. The only exceptions are techniques which do not apply to APIs, such as browser environment verification.

Curiefense also has additional capabilities that apply only to APIs and services, such as schema enforcement.


  • Curiefense can be deployed and controlled via web console, REST API, and/or a CLI tool.
  • JSON or YAML configuration format
  • Git versioning as the configuration storage engine
  • Support for environment branching (e.g., prod/devops/qa)

Logging and Real-Time Reporting

Curiefense logs and reports all details (headers, payloads, tags, disposition, etc.) of all requests. Out of the box, it includes Prometheus metrics and Grafana dashboards. Users can customize these, or can swap in their own reporting and visualization frameworks.

Threat Feeds

Curiefense consumes external threat feeds (e.g., IP reputation), auto-updating its security posture as the threat environment evolves. Weekly updates are included for IP reputation, ASNs, etc.

Also available

Premium automation features and support

In addition to the open-source platform described above, the paid features described below are also available for Curiefense.

Latest Threat Feeds

By default, Curiefense receives weekly updates to its threat feeds. Hourly updates are available as a premium feature.

Machine Learning and UEBA

This feature adds Machine Learning (ML) and UEBA (User and Entity Behavioral Analytics) for construction of behavioral profiles of legitimate users. Profiles are granular (down to individual URLs), and are built using a multivariate approach. When a traffic source exhibits behavior that deviates from the norm, it can be flagged/monitored or blocked.

Advanced Bot Detection and Biometric Human Authentication

This feature adds a variety of techniques to detect even the latest generation of hostile bots that masquerade as human users. This includes the ML-based UEBA described above, advanced browser verification, bot challenges, and more.

Mobile SDK

This feature provides an SDK for securing mobile/native apps (iOS and Android). The SDK authenticates the client device, hardens communication with the server, verifies user identity, submits custom events, and participates in UEBA.

Premium Support

Curiefense customers who purchase a commercial license have access to 24/7 support, an expert team to help with system design and architecture advice, and more. Full management services are also available.

Ready to roll?