Tag feed

#waf

97 posts1 followers

Explore Hashnode

Alternatives

Trending tags this week

LLunainternals.hashnode.devJun 22 · 5 min read

Bridging Python and Rust: Mitigating GIL Contention in a High-Throughput LLM Gateway

Bridging Python and Rust: Mitigating GIL Contention in a High-Throughput LLM Gateway When building Aegis, an open-source OpenAI-compatible governance proxy, we made a core architectural decision: use

0

Kkramgyorgytsdevstack.hashnode.devJun 13 · 5 min read

Getting a production WAF out of Azure Front Door Standard

Published June 1, 2026 by gyorgy Azure Front Door covers the whole edge in a single resource: CDN, managed SSL, a load balancer, and a WAF. On AWS and GCP that job is spread across two or three servic

0

PRPaulo Rigonatopaulo-seg.hashnode.devJun 1 · 5 min read

WAF Bypass Testing: A Defensive Checklist for AppSec and Blue Teams

A WAF can reduce risk, but it should never be treated as the only security control between an attacker and an application. The most important WAF failures are often not caused by exotic payloads. They

0

MAMubarak Alhazanpoly4.hashnode.devMay 29 · 11 min read

Why Rate Limiting Alone Won't Stop OTP Abuse — A Real Incident Breakdown

The Attack That Looked Like Normal Traffic On a perfectly normal Tuesday morning, while the team was getting into their usual flow, we quietly noticed that our SendGrid email delivery was behaving str

1

B

Rrathsararr-cyber.hashnode.devMay 8 · 10 min read

Moving From a Managed WAF to One We Actually Owned

The Problem We were running a managed WAF. Every firewall rule change went through a vendor support ticket. For a team with active internal software development, that meant every deployment had a gate

0

EElevaseoengineering.elevaseo.comMay 7 · 12 min read

WordPress WAF Virtual Patching: How to Block Plugin CVEs Before the Patch Ships

Why Virtual Patching Exists (and Why You Need It This Quarter) Patchstack's 2026 State of WordPress Security report (source) lands on a number that should reset how you think about update windows: 46%

0

SCSourav Chakrabortydevsecopssourav.hashnode.devApr 19 · 6 min read

From Code to Runtime: Closing the AppSec Gap with WAF + DevSecOps

Modern software ships fast. Security incidents ship faster. With cloud‑native apps, microservices, and open‑source everywhere, application security can no longer be an afterthought. That’s where SCA

0

RRelunSecunlockoldupload.hashnode.devApr 18 · 3 min read

Turn Off Security Headers using CVE-2026-33691

CVE-2026-33691 (aka UnlockOldUpload as it alias) is a vulnerability on the CRS that affected those following upload rules (933110, 933111, 944140, 932180), that it allows to a hacker to bypass the mos

0

NBNishil Bhavenishilbhave.hashnode.devMar 29 · 14 min read

How to Secure an API: The 4-Layer Framework That Works

How to Secure an API: The 4-Layer Framework That Works APIs are the backbone of every modern app. They are also the most common entry point for attackers. Most developers bolt security on as an afterthought: one middleware, one config flag, one if us...

0

CCosmoscosmoscribe.hashnode.devMar 18 · 6 min read

The Journey of a Request: What Happens Before Your Code Even Runs?

Okay, before we go into the depths of these concepts, I want to tell you that we will take it easy. I don’t want you to get overwhelmed by the jargon. We spend hours arguing about which programming la

0

#waf

Search Hashnode

#waf

Explore Hashnode

Trending tags this week

Bridging Python and Rust: Mitigating GIL Contention in a High-Throughput LLM Gateway

Getting a production WAF out of Azure Front Door Standard

WAF Bypass Testing: A Defensive Checklist for AppSec and Blue Teams

Why Rate Limiting Alone Won't Stop OTP Abuse — A Real Incident Breakdown

Moving From a Managed WAF to One We Actually Owned

WordPress WAF Virtual Patching: How to Block Plugin CVEs Before the Patch Ships

From Code to Runtime: Closing the AppSec Gap with WAF + DevSecOps

Turn Off Security Headers using CVE-2026-33691

How to Secure an API: The 4-Layer Framework That Works

The Journey of a Request: What Happens Before Your Code Even Runs?