Show HN: Shibuya – A High-Performance WAF in Rust with eBPF and ML Engine (ghostklan.com)

Shibuya, an innovative open-source Web Application Firewall (WAF) developed in Rust, has been unveiled, featuring advanced capabilities that marry traditional security measures with cutting-edge technologies, including eBPF for kernel-level blocking and machine learning for anomaly detection. This new WAF integrates over 615 OWASP rules and can instantly blacklist known malicious IPs via an efficient lookup system, allowing applications to be shielded from threats before they reach the server. Its architecture allows for dynamic rule management and supports extensive web frameworks like OpenAPI and GraphQL, ensuring robust protection tailored to modern applications. The significance of Shibuya lies in its comprehensive security arsenal, which not only protects against common web vulnerabilities but does so with remarkable speed and minimal overhead. Its dual machine learning models, featuring explainability via SHAP, classify various attack types while maintaining a human-in-the-loop feedback mechanism for continuous improvement. Additionally, the inclusion of a built-in attack lab allows developers to test real vulnerabilities against the WAF, creating a safe environment for validation without risking live operations. With features like an NLP policy engine for simplified rule creation and federated learning modules for shared threat intelligence, Shibuya positions itself as a formidable player in the cybersecurity landscape, raising the bar for future WAF solutions.