core

Authentication and authorization agent supporting JWT, OIDC, API keys, Basic auth, SAML SSO, mTLS, Cedar policies, and token exchange.

Pure Rust WAF with 285 detection rules, anomaly scoring, API security, schema validation, bot protection, and n-gram based payload analysis.

Comprehensive bot detection with multi-signal analysis, known bot verification, and behavioral tracking.

Advanced request and response transformation with URL rewriting, header manipulation, and JSON body transforms.

Block requests based on IP addresses, CIDR ranges, or custom patterns with real-time updates.

Embed custom Lua scripts for flexible request/response processing and header manipulation.