May 7 · 12 min read · Why Virtual Patching Exists (and Why You Need It This Quarter) Patchstack's 2026 State of WordPress Security report (source) lands on a number that should reset how you think about update windows: 46%
Apr 19 · 6 min read · Modern software ships fast. Security incidents ship faster. With cloud‑native apps, microservices, and open‑source everywhere, application security can no longer be an afterthought. That’s where SCA
Mar 29 · 14 min read · How to Secure an API: The 4-Layer Framework That Works APIs are the backbone of every modern app. They are also the most common entry point for attackers. Most developers bolt security on as an afterthought: one middleware, one config flag, one if us...
Mar 18 · 6 min read · Okay, before we go into the depths of these concepts, I want to tell you that we will take it easy. I don’t want you to get overwhelmed by the jargon. We spend hours arguing about which programming la
Feb 12 · 10 min read · Why Traditional WAF Approaches Fail for Modern APIs Standard WAF rulesets were engineered for HTML form submissions and browser-based interactions. They excel at blocking SQL injection in query parameters but struggle with JSON-based attacks, JWT man...
Feb 12 · 9 min read · Metadata SEO Title: WAF Configuration Guide: Secure Modern Web Applications Meta Description: Learn how to configure Web Application Firewalls for cloud-native apps in 2025. Practical WAF rules, OWASP protection, and deployment strategies. Primary Ke...
Feb 3 · 19 min read · For the past two years, Otoroshi has had a Web Application Firewall powered by Coraza, the excellent Go implementation of ModSecurity. To achieve that, we compiled Coraza to WebAssembly (wasm) and ran it inside Otoroshi using our wasm virtual machine...
Jan 10 · 9 min read · Overview In security architecture, the FortiWeb Web Application Firewall (WAF) has long been regarded as a front-line layer of defense. Here the WAF is responsible for protecting Web applications by blocking scanning and probing attacks from outside; however ...