IronBee, a new Apache-licensed web application firewall
It is my great pleasure to announce the launch of IronBee, a brand new open source web application firewall. It's a project whose main goal is build a universal application security sensor through focus on community-building first , code second. To that end, not only is the project open source, but it uses the Apache 2 license and does not require copyright assignments from contributors. How's that for a conversation starter?
If you head out to the project web site now, you'll find there a whitepaper that goes into detail about why we believe in application security monitoring, why we are taking this particular approach with IronBee, as well as an overview of our key directions. There's no need to repeat all that on this blog. I hope that the whitepaper will give you enough information to get you excited about where we're heading, and excited enough that you will join us on the mailing list for a discussion.
Of course, if you follow my blog you probably know about my work of at least 8 years on ModSecurity, which is a very good and popular open source web application firewall. I will freely admit that it feels a bit awkward to start what is effectively a competing project. Make no mistake, ModSecurity is a fantastic tool (and one very dear to my heart). IronBee exists because we want to do more and go further, and for that we need to start with a foundation different to that of ModSecurity.
Further, the existence of IronBee does not mean that we cannot collaborate with ModSecurity (the project and the community). In fact, we will. I imagine that a good chunk of our work (e.g., security research) will be useful to ModSecurity users. And, for the record, I intend to continue to keep ModSecurity Handbook up-to-date.