update
58
README.md
@@ -3,51 +3,53 @@
|
|||||||
## Product Positioning
|
## Product Positioning
|
||||||
Tagline options:
|
Tagline options:
|
||||||
|
|
||||||
"Baffle bots. Calm traffic." (playing on both meanings: confuse + quiet)
|
* "Baffle bots. Calm traffic." (playing on both meanings: confuse + quiet)
|
||||||
"Confuse bots. Calm infrastructure."
|
* "Confuse bots. Calm infrastructure."
|
||||||
"Bewilder bots, silence the chaos"
|
* "Bewilder bots, silence the chaos"
|
||||||
|
|
||||||
## Target market:
|
## Target market:
|
||||||
|
|
||||||
Solo devs/bootstrapped startups (can't afford $249/mo Wafris/Cloudflare)
|
* Solo devs/bootstrapped startups (can't afford $249/mo Wafris/Cloudflare)
|
||||||
Privacy-conscious/regulated orgs (data sovereignty requirements)
|
* Privacy-conscious/regulated orgs (data sovereignty requirements)
|
||||||
Self-hosters (infrastructure control enthusiasts)
|
* Self-hosters (infrastructure control enthusiasts)
|
||||||
Cost-sensitive scale-ups (outgrowing free tiers)
|
Cost-sensitive scale-ups (outgrowing free tiers)
|
||||||
|
|
||||||
## Business Model (Sidekiq-style)
|
## Business Model (Sidekiq-style)
|
||||||
Free (fully functional):
|
### Free (fully functional):
|
||||||
|
|
||||||
Ruby/Rack edge agent (2-5ms response time)
|
* Ruby/Rack edge agent (2-5ms response time)
|
||||||
Local SQLite rules
|
* Local SQLite rules
|
||||||
IP blocking, rate limiting, geoblocking
|
* IP blocking, rate limiting, geoblocking
|
||||||
Manual rule management
|
* Manual rule management
|
||||||
Community support
|
* Community support
|
||||||
|
|
||||||
Pro ($99-149/mo):
|
### Pro ($99-149/mo):
|
||||||
|
|
||||||
Go edge agent (performance upgrade)
|
* Go edge agent (performance upgrade)
|
||||||
SSO / multi-team
|
* SSO / multi-team
|
||||||
Centralized hub with traffic analytics
|
* Centralized hub with traffic analytics
|
||||||
Automated rule generation
|
* Automated rule generation
|
||||||
Adaptive sampling (manual 0-100% toggle for hub load management)
|
* Adaptive sampling (manual 0-100% toggle for hub load management)
|
||||||
IP reputation feeds
|
* IP reputation feeds
|
||||||
Priority support
|
* Priority support
|
||||||
|
|
||||||
## Key Technical Decisions
|
## Key Technical Decisions
|
||||||
|
|
||||||
Traffic categories:
|
Traffic categories:
|
||||||
|
|
||||||
Blocked - Matched deny rule
|
* Blocked - Matched deny rule
|
||||||
Allowed - Matched allow rule (fast-path for whitelisted IPs/APIs)
|
* Allowed - Matched allow rule (fast-path for whitelisted IPs/APIs)
|
||||||
Unmatched - No rules, passed through
|
* Unmatched - No rules, passed through
|
||||||
|
|
||||||
## OWASP approach:
|
## OWASP approach:
|
||||||
|
|
||||||
Don't try to compete with ModSecurity's full CRS
|
* Don't try to compete with ModSecurity's full CRS
|
||||||
Focus on network-layer threats (bots, rate limiting, IP reputation)
|
* Focus on network-layer threats (bots, rate limiting, IP reputation)
|
||||||
Map to OWASP Top 10 where applicable (A05, A07, partial A01/A03)
|
* Map to OWASP Top 10 where applicable (A05, A07, partial A01/A03)
|
||||||
Position as complementary to app-layer security
|
* Position as complementary to app-layer security
|
||||||
|
|
||||||
|
## Killer Feature: Performance Visibility
|
||||||
|
|
||||||
### Killer Feature: Performance Visibility
|
|
||||||
Always-on category timing:
|
Always-on category timing:
|
||||||
|
|
||||||
Track latency by rule type (IP checks, rate limits, regex, etc.)
|
Track latency by rule type (IP checks, rate limits, regex, etc.)
|
||||||
|
|||||||
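Review bot: The list conversion is incomplete in the Target market section: "Cost-sensitive scale-ups (outgrowing free tiers)" is the only item left without a `* ` marker on the new side, and because it directly follows "* Self-hosters (infrastructure control enthusiasts)" with no blank line, Markdown will fold it into that bullet as a continuation line. Add the marker there, and decide whether "Track latency by rule type (IP checks, rate limits, regex, etc.)" under "Always-on category timing:" should become a bullet as well, since it is still a bare line. The "Killer Feature: Performance Visibility" heading shows up at both `##` and `###` in this hunk, so check that only one level survives in the rendered README. While the OWASP bullet is being touched, name the Top 10 edition next to "A05, A07, partial A01/A03": those category numbers refer to different risks in the 2017 and 2021 lists, so the mapping is ambiguous as written.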