6d ago · 6 min read · Modern software ships fast. Security incidents ship faster. With cloud‑native apps, microservices, and open‑source everywhere, application security can no longer be an afterthought. That’s where SCA
Join discussion
Mar 29 · 13 min read · How Do You Secure an API? The 4-Layer Framework That Actually Works APIs are the backbone of every modern application — and the most common entry point for attackers. Most developers bolt security on as an afterthought: one middleware, one config fla...
Join discussion
Mar 18 · 6 min read · Okay, before we go into the depths of these concepts, I want to tell you that we will take it easy. I don’t want you to get overwhelmed by the jargon. We spend hours arguing about which programming la
Join discussion
Feb 12 · 10 min read · Why Traditional WAF Approaches Fail for Modern APIs Standard WAF rulesets were engineered for HTML form submissions and browser-based interactions. They excel at blocking SQL injection in query parameters but struggle with JSON-based attacks, JWT man...
Join discussionFeb 12 · 9 min read · Metadata SEO Title: WAF Configuration Guide: Secure Modern Web Applications Meta Description: Learn how to configure Web Application Firewalls for cloud-native apps in 2025. Practical WAF rules, OWASP protection, and deployment strategies. Primary Ke...
Join discussionFeb 3 · 19 min read · For the past two years, Otoroshi has had a Web Application Firewall powered by Coraza, the excellent Go implementation of ModSecurity. To achieve that, we compiled Coraza to WebAssembly (wasm) and ran it inside Otoroshi using our wasm virtual machine...
Join discussion
Jan 10 · 9 min read · Tổng quan Từ lâu trong kiến trúc về bảo mật thì FortiWeb Web Application Firewall (WAF) được xem như là một lớp phòng thủ tuyến đầu. Tại đây WAF chịu trách nhiệm bảo vệ ngăn chặn các cuộc tấn công dò quét từ bên ngoài vào các ứng dụng Web, tuy nhiên ...
Join discussion
Jan 10 · 7 min read · Overview For a long time in security architecture, the FortiWeb Web Application Firewall (WAF) has been considered a frontline defense layer. Here, the WAF is responsible for protecting against external scanning attacks on web applications. However, ...
Join discussion
Dec 29, 2025 · 3 min read · 1. Introduction In today’s cloud-native world, most applications are publicly accessible over the internet. This makes them vulnerable to common web attacks such as SQL Injection, Cross-Site Scripting (XSS), bad bots, and brute-force attempts. Tradit...
Join discussion
