Curiefense v1.5 releases: new application security platform

curiefense

Curiefense is a new application security platform, which protects sites, services, and APIs. It extends Envoy proxy to defend against a variety of threats, including SQL and command injection, cross-site scripting (XSS), account takeovers (ATOs), application-layer DDoS, remote file inclusion (RFI), API abuse, and more.

Curiefense is fully controllable programmatically. All configuration data (security rulesets, policies, etc.) can be maintained singularly, or as different branches for different environments, as you choose. All changes are versioned, and reverts can be done at any time.

Curiefense also has a UI console, discussed in this Manual beginning in the Settings section.

Architecture and Components

Curiefense provides traffic filtering that can be configured differently for multiple environments (e.g. dev/qa/prod), all of which can be administered from one central cluster if desired. Here is an overview of its components.

In the diagram above, the Server represents a resource protected by Curiefense (a site, app, service, or API). The User is a traffic source attempting to access that resource.

Incoming traffic passes through Envoy, which is using Curiefense as an HTTP filter. Hostile requests are blocked.

The other components in the diagram represent the Curiefense platform, as follows:

• Curiefense proxy (represented by the Curiefense logo): Plugs into Envoy and performs traffic filtering.

• Logs DB. Curiefense stores traffic data (headers, payloads, etc.) from all requests here.

• Metrics. A Prometheus store of traffic metrics.

• Dashboard. Grafana dashboard(s) with visual displays of traffic metrics.

• Web UI. Curiefense’s web console for configuring the platform.

• Config Server: A service which:

  • Receives configuration edits from the Web UI

  • Receives configuration edits from API calls (not shown in the diagram)

  • Creates a new configuration version in response to edits

  • Stores the new version in one or more Cloud Storage buckets

• Cloud Storage: Stores versioned configurations. Each Curiefense proxy periodically checks Cloud Storage: when a new version is found there, the proxy downloads it and updates its security posture.

Install & Use

© Curiefense Contributors 2020-2021