beenull/crowdsec

Fork 0

Commit graph

Author	SHA1	Message	Date
mmetc	97e6588a45	cscli hub items: avoid global (#2960 ) * cscli hub items: avoid global * lint (whitespace, errors) * lint	2024-04-24 10:05:55 +02:00
mmetc	c10aad79d9	cscli refact / encapsulate methods for capi, hubtest, dashboard, alerts, decisions, simulation (#2650 )	2023-12-11 10:32:54 +01:00
Thibault "bui" Koechlin	8cca4346a5	Application Security Engine Support (#2273 ) Add a new datasource that: - Receives HTTP requests from remediation components - Apply rules on them to determine whether they are malicious or not - Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios) The PR also adds support for 2 new hub items: - appsec-configs: Configure the Application Security Engine (which rules to load, in which phase) - appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang) --------- Co-authored-by: alteredCoder <kevin@crowdsec.net> Co-authored-by: Sebastien Blot <sebastien@crowdsec.net> Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com> Co-authored-by: Marco Mariani <marco@crowdsec.net>	2023-12-07 12:21:04 +01:00

Author

SHA1

Message

Date

mmetc

97e6588a45

cscli hub items: avoid global (#2960 )

* cscli hub items: avoid global

* lint (whitespace, errors)

* lint

2024-04-24 10:05:55 +02:00

mmetc

c10aad79d9

cscli refact / encapsulate methods for capi, hubtest, dashboard, alerts, decisions, simulation (#2650 )

2023-12-11 10:32:54 +01:00

Thibault "bui" Koechlin

8cca4346a5

Application Security Engine Support (#2273 )

Add a new datasource that:
- Receives HTTP requests from remediation components
- Apply rules on them to determine whether they are malicious or not
- Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios)

The PR also adds support for 2 new hub items:
- appsec-configs: Configure the Application Security Engine (which rules to load, in which phase)
- appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang)

---------

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>

2023-12-07 12:21:04 +01:00

3 commits