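Baoyue Reading Guide Summary
1. Keywords: Arcjet, WebAssembly, security SDK, developers, application protection
2. Summary: Arcjet is a San Francisco startup that has launched an innovative security SDK. It embeds a WebAssembly module for local request analysis, integrates closely with the application, and supports multiple languages. It aims to give developers more convenient and efficient application protection, and is drawing attention for attack detection and bot protection.
3. Main points:
– Arcjet launches an innovative security SDK
  – Takes a novel approach: embeds a WebAssembly module
  – The module is compiled from Rust and provides a secure sandbox, analyzing requests at near-native speed
  – Falls back to a real-time API where Wasm is unavailable
– Features and advantages
  – Integrates closely with the application; developers can customize security rules
  – Solves the problem of language-level differences and saves development time
  – Offers native security solutions supporting a range of modern platforms
  – Server-side solution with multi-language support
  – Uses Rust for its Wasm capabilities and efficiency
  – Security measures implemented with a few lines of code
– Differences from competitors
  – Integrates directly into application code for context-aware protection
– Customer feedback and use cases
  – Used for attack detection and bot protection
  – Gives the sales team better signals; being integrated into forms
  – Simple to integrate and quick to get running
– Aims to make security more accessible, in contrast to the "shift left" approach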
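Article URL: https://thenewstack.io/arcjet-launches-wasm-powered-security-for-modern-developers/
Source: thenewstack.io
Author: Darryl K. Taft
Published: 2024/9/10 19:32
Language: English
Total word count: 821 words
Estimated reading time: 4 minutes
Score: 82 points
Tags: WebAssembly, security SDK, Rust, application security, DevSecOps
The original text follows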
Arcjet, a San Francisco startup offering an innovative security SDK for developers to protect applications in production, launched today.
Arcjet’s novel approach involves embedding a WebAssembly (Wasm) module in its SDK, allowing for local analysis of incoming requests at near-native speed.
The Wasm module is compiled from Rust and provides a secure sandbox for analysis, which is cross-platform and will be extended to other languages beyond JavaScript, David Mytton, founder of Arcjet, told The New Stack.
Where Wasm isn’t available, Arcjet falls back to its real-time API. This is a gRPC API deployed in the closest cloud region to your app, but it also calls the exact same Wasm module, Mytton said.
“This solves the problem of language-level implementation differences and allows us to use Go for the API — it’s the best for gRPC,” he said. “This gives us the same guarantees as server side — sandbox performance and exactly the same result as if it were executed in the developer’s environment.” The company aims for a 20ms response time service-level agreement for its API.
“Without Wasm we’d have to write that security analysis code from scratch for each language we wanted to support,” Mytton said. “Instead, we can write it once [in Rust] and then compile it to Wasm.
“This saves a lot of time but also means we can inherit the properties of Wasm everywhere, in particular native performance and the security sandbox. Otherwise, we’d have to figure those out in every environment as well.”
Developer Velocity and Security
Arcjet’s differentiation is its close integration with applications, allowing developers to design tailored security rules.
“As developers are building more apps with AI and deploying them faster thanks to platforms like Vercel and Fly.io, just throwing a firewall in front of your app is no longer sufficient,” Mytton said. “Network-level solutions lack the context needed to distinguish anonymous abuse versus traffic actually coming from your largest customer. Getting it wrong is expensive, especially with the cost of AI inference.”
Arcjet offers native security solutions for modern platforms like Next.js, Node.js, Bun, SvelteKit, Fly.io, Netlify and Vercel.
However, Arcjet is a server-side solution. “JavaScript frameworks like Next.js allow you to write all your backend code in JavaScript and connect it to the frontend, but everything Arcjet does is server side,” Mytton said. “The other languages we’re going to support are all server-side as well: Python next, then Ruby, PHP and Go.”
Arcjet chose Rust for its WebAssembly capabilities and efficiency, particularly in avoiding the need to bundle a garbage collector.
Moreover, Mytton added, “most discussion about Wasm is client side in the browser, but I think this cross-platform server-side use case is more interesting.”
A side benefit is that the same Arcjet code that runs in production can also run on the developer's laptop or in staging, so you can actually run tests against your security rules.
Few Lines of Code
The product allows developers to implement security measures with a few lines of code, integrating directly into their application.
“Arcjet has helped us easily invest in the security and efficiency of our platform,” Chris Ellis, co-founder and CEO of Thatch, a beta user of Arcjet, told The New Stack.
“Unlike a separate security service that gives us little visibility into its impact on our system, Arcjet gives us rich application-level insights at runtime that help us build security automations in critical parts of our application, from sales to customer onboarding.”
Arcjet differentiates itself from competitors like Cloudflare by integrating security directly into the application code, allowing for context-aware protection.
“Arcjet’s approach focuses on context-aware security that can dynamically adjust based on factors like user authentication, pricing plans and IP reputation,” Zane Lackey, general partner at Andreessen Horowitz, which has invested in the company, told The New Stack.
“Arcjet’s technology represents a significant leap forward compared to previous security solutions. By integrating directly with modern frameworks and platforms, it delivers a vastly improved developer experience — a critical element that has long been missing from traditional security tools.”
Better Than Shifting Left?
The company is seeing interest from customers looking to use the Arcjet tool in attack detection and bot protection, especially for AI applications where each request has a direct cost.
“We’ve been able to use Arcjet to give our sales team better signals on the validity of a lead, and we’re working on integrating Arcjet into our demo intake form, enabling us to create a low-friction sales intake form that’s protected from bots and spam,” Ellis said.
“Integrating with Arcjet was also very straightforward, given their plug-and-play and well-documented SDK. We were up and running in a couple of days.”
Arcjet aims to make security more accessible to developers, as opposed to the “shift left” approach, Mytton said.
“DevSecOps just hasn’t really worked,” he said.