Show HN: Shibuya – A High-Performance WAF in Rust with eBPF and ML Engine
4 hours ago
- #Open Source
- #Web Application Firewall
- #Cybersecurity
- Shibuya is an advanced open-source WAF with ML anomaly detection and eBPF kernel blocking.
- It includes 615+ OWASP rules and offers SYN flood protection with IP blacklists stored in eBPF maps.
- Two ML models run in parallel: IsolationForest for anomaly detection and Random Forest for attack classification.
- Features a native SecRule parser with full OWASP Core Rule Set and anomaly scoring with 4 paranoia levels.
- Extendable with WebAssembly plugins in any language, running in a sandboxed environment.
- Shadow mode allows deploying new rules safely by logging potential blocks without actual blocking.
- Auto-generates security rules from OpenAPI 3.x specs and provides GraphQL protection features.
- Includes a built-in attack lab (Ashigaru) with deliberately vulnerable services for testing.
- Supports multi-tenancy, RBAC, LDAP integration, and post-quantum cryptography.
- Offers an NLP policy engine for writing security policies in plain English and AI virtual patching.
- Performance benchmarks show <5ms P99 latency overhead and is 100% open-source.