How we built ngrok's WAF with OWASP CRS and Coraza

Ben Chan, a software engineer at ngrok, details the process of building ngrok's Web Application Firewall (WAF) by utilizing the OWASP Core Rule Set (CRS) and Coraza. This endeavor involved implementing a robust security framework to protect against common web vulnerabilities. By leveraging the OWASP CRS, which is a set of generic attack detection rules, and integrating it with Coraza, an open-source WAF engine, ngrok enhanced its security measures to safeguard web applications effectively. The approach underscores the importance of employing tested and community-supported security tools to maintain a resilient and secure web infrastructure.