[ackbar03]

>Setup machine learning to automate blacklist detection and dynamically update blacklists.

Is there some good plug and play tool for this or something? Id imagine implementing something like this yourself would take quite a bit of time and know how. Are there non-paid solutions out there?

[tasssko]

Using AWS WAF; https://aws.amazon.com/solutions/implementations/aws-waf-sec...

Some bespoke WAF automation setups. You can mix in ML in this to add anomaly detection.

https://aws.amazon.com/blogs/security/automatically-updating...

[ackbar03]

ok, so you were basically just referring to a 3rd party waf... thats cool...

[tasssko]

Sorry it was late past midnight and i did not find anything that could help with a opensource tool like nginx plus modsecurity. However I shared documentation that can help logically identify potential exploits and with nginx plus lua it’s possible this can easily be updated. The OWASP filters are similar. Yes we have done some automation like this many years ago but today we mainly use public cloud WAFs.