- Joined
- May 20, 2019
- Messages
- 1,256
- Likes
- 883
- Points
- 980
Automated web security made simple
Quarantyne is a reverse-proxy that protects web applications and APIs from fraudulent behavior, misuse, bots and cyber-attacks in real-time.
Requirements
- Java 8
Quarantyne is a reverse-proxy written in java. It fronts a web application or API and protects it from fraudulent behavior, misuse, bots and cyber-attacks. It cannot stop them all, but it will definitely make it harder and more expensive to perform.
It's like a firewall but smarter, because it does not just block traffic because the user-agent is not in a whitelist. Quarantyne also performs deep request inspection to detect if, for example, the password used has been compromised before, or if the email is disposable, with minimal configuration and no changes in your application. Our coverage section precisely lists what Quarantyne can identify.
Features
Wide coverage of common HTTP threats and misuse
See coverage for a complete list of the threats and misuse Quarantyne can identify and stop.
Deep traffic analysis
Quarantyne performs deep inspection of web traffic going to your application to verify that the data being sent is not compromised or junk.
Generic integration
Quarantyne adds extra HTTP headers to the request it proxies to your service. For example, an HTTP request coming from AWS will bear the following headers:
- X-Quarantyne-Labels: PCX
- X-Quarantyne-RequestId: 08a0e31a-f1a5-4660-9316-0fdf5d2a959d
Quarantyne can be configured to stop malicious requests from reaching your servers, avoiding wasting computing/DB/cache resources, metrics skew, junk data... See (Passive vs Active)[#passivevsactive].
Metrics & health reporting
Quarantyne binds to an internal adminPort, where metrics (latencies, success rate...) as well as the health of the proxy are reported.
Privacy friendly / GDPR compliance
Quarantyne is offline software. It runs inside your private network and does not communicate over the Internet with anyone to share data about your traffic, your business, or your users.
Ops Friendly.
Single jar with 0 dependencies. Metrics are available on [proxyHost]:[adminPort]/metrics. Service health is available on [proxyHost]:[adminPort]/health
Download Quarantyne