Qualys, a provider of on demand IT security risk and compliance management offerings, has unveiled IronBee, a new open source project to provide the next-generation of web application firewall (WAF) technology.
Led by the team who designed and built ModSecurity, the new project aims to produce a web application firewall sensor that is secure, portable, and freely available – even for commercial use, said Qualys.
IronBee will provide advanced application security inspection engine that provides new processing tools and analysis for HTTP traffic.
It will also offer Apache Software License v2, a non-viral open source license that allows individuals and commercial organizations alike to participate, creating a community of users as well as a community of developers.
The new offering’s Modular architecture will enable contributors to implement their own modules without requiring deep understanding of the IronBee architecture, as well as allowing straightforward packaging of configuration information and modules appropriate to user needs.
IronBee will also provide community collaboration effort in order to capture, centralize and share the information needed to defend web applications.
Qualys chairman and CEO Philippe Courtot said due to the proliferation of cloud computing and web applications, it is quite obvious that no single company alone can fight the sophistication of attacks we are now facing.
"We are now enthused to introduce IronBee as an open source project so we can leverage the collective intelligence of the community to develop a cloud-based WAF with a diverse rule set that can help protect us all against cyber attacks," Courtot said.
