Technical

Some attacks steal data. Some attacks spy on users. And some attacks have only one goal: to make your service unavailable. DDoS attacks fall into the latter category, and they are more common and more accessible to attackers than many organizations realize. They don't require exploiting a specific vulnerability or gaining access to internal systems.…

In early 2025, internet users across Spain began experiencing something unexpected: legitimate websites going dark, developer tools becoming unreachable, and businesses losing access to their own online services. GitHub, GitLab, Docker registries, corporate websites, and e-commerce platforms all affected not by a cyberattack, not by a provider outage, but by a court-ordered IP block targeting…

Together with Bluella, we've hosted a live technical webinar around a problem that many infrastructure and cybersecurity teams eventually face: What actually happens when applications start failing under pressure? Not in theory. Not in a slide deck. But in real environments, with real traffic, real attacks, and real operational stress. From the beginning, the idea…

In web application security, detecting attacks as early as possible is critical. Every millisecond that a malicious request travels through an infrastructure increases backend exposure and consumes unnecessary resources. Web Application Firewalls (WAFs) based on the OWASP Core Rule Set (CRS) have become one of the most widely used mechanisms to protect applications against attacks…

Open Source infrastructure is often a deliberate and well-reasoned choice. It offers transparency, control and a level of flexibility that fits well with how many engineering teams like to build and operate systems. Deploying an open source load balancer or reverse proxy is usually a conscious decision, backed by solid documentation, community knowledge and proven…

In recent weeks, several incidents surfaced where content providers blocked traffic coming from multi-tenant proxies to stop automated attacks or illegal rebroadcasting. The countermeasure reduced the offensive surface, but also denied access to legitimate users travelling through the same channel. It illustrates a common issue: upstream security — security applied at proxies, CDNs or scrubbing…

Web applications and APIs are now the operational core of most digital services. They process transactions, expose business logic, manage identities, and connect distributed systems that evolve continuously. In parallel, the volume and sophistication of attacks has increased, driven by automation, accessible tooling, and cloud-specific attack vectors. Web Application Firewalls remain a critical part of…

Modern application delivery architectures are built with the right goals in mind. Load balancers distribute traffic, Web Application Firewalls enforce security policies, TLS protects data in transit, and monitoring systems promise observability across the stack. On paper, everything seems covered. In real production environments, however, many of these architectures operate with critical blind spots. Especially…

Open-source software has been one of the most transformative forces in the technology sector. Operating systems, databases, web servers, and encryption libraries that we now consider essential exist thanks to thousands of developers who chose to release their code so that anyone could study it, modify it, and improve it. This model has enabled companies…