# Zen, in-app firewall for Python 3 | by Aikido
Zen, your in-app firewall for peace of mindβ at runtime.
Zen is an embedded Web Application Firewall that autonomously protects your Python apps against common and critical attacks.
Zen protects your Python apps by preventing user input containing dangerous strings, which allow SQL injections. It runs on the same server as your Python app for simple [installation](https://pypi.org/project/aikido_firewall/#installation) and zero maintenance.
## Features
Zen will autonomously protect your Python applications from the inside against:
* π‘οΈ [NoSQL injection attacks](https://www.aikido.dev/blog/web-application-security-vulnerabilities)
* π‘οΈ [SQL injection attacks]([https://www.aikido.dev/blog/web-application-security-vulnerabilities](https://owasp.org/www-community/attacks/SQL_Injection))
* π‘οΈ [Command injection attacks](https://owasp.org/www-community/attacks/Command_Injection)
* π‘οΈ [Path traversal attacks](https://owasp.org/www-community/attacks/Path_Traversal)
* π‘οΈ [Server-side request forgery (SSRF)](./docs/ssrf.md)
Zen operates autonomously on the same server as your Python app to:
* β
Secure your app like a classic web application firewall (WAF), but with none of the infrastructure or cost.
## Supported libraries and frameworks
Zen for Python 3 is compatible with:
### Web frameworks
* β
[Django](docs/django.md)
* β
[Flask](docs/flask.md)
* β
[Quart](docs/quart.md)
### WSGI servers
* β
[Gunicorn](docs/gunicorn.md)
* β
[uWSGI](docs/uwsgi.md)
### Database drivers
* β
[`mysqlclient`](https://pypi.org/project/mysqlclient/)
* β
[`PyMySQL`](https://pypi.org/project/PyMySQL/)
* β
[`pymongo`](https://pypi.org/project/pymongo/)
* β
[`psycopg2`](https://pypi.org/project/psycopg2)
* β
[`psycopg`](https://pypi.org/project/psycopg)
* β
[`asyncpg`](https://pypi.org/project/asyncpg)
* β
[`motor`](https://pypi.org/project/motor/)
## Reporting to your Aikido Security dashboard
> Aikido is your no nonsense application security platform. One central system that scans your source code & cloud, shows you what vulnerabilities matter, and how to fix them - fast. So you can get back to building.
Zen is a new product by Aikido. Built for developers to level up their security. While Aikido scans, get Zen for always-on protection.
You can use some of Zenβs features without Aikido, of course. Peace of mind is just a few lines of code away.
But you will get the most value by reporting your data to Aikido.
You will need an Aikido account and a token to report events to Aikido. If you don't have an account, you can [sign up for free](https://app.aikido.dev/login).
Here's how:
* [Log in to your Aikido account](https://app.aikido.dev/login).
* Go to [Zen](https://app.aikido.dev/runtime/services).
* Go to apps.
* Click on **Add app**.
* Choose a name for your app.
* Click **Generate token**.
* Copy the token.
* Set the token as an environment variable, `AIKIDO_TOKEN`
## Running in production (blocking) mode
By default, Zen will only detect and report attacks to Aikido.
To block requests, set the `AIKIDO_BLOCKING` environment variable to `true`.
See [Reporting to Aikido](#reporting-to-your-aikido-security-dashboard) to learn how to send events to Aikido.
## Benchmarks
The following table summarizes the performance of both a typical SQL Query and a typical NoSQL Query with and without the Zen, measured in milliseconds :
| Operation | Avg. time w/o Zen | Avg. time w/ Zen | Delta | Delta in % |
| --------- | ---------------------- | --------------------- | ----- | ---------- |
| SQL Query | 1.222 ms | 1.257 ms | +0.035 ms | +3% |
| NoSQL Query | 1.090 ms | 1.110 ms | +0.020 ms | +2% |
See [benchmarks](benchmarks/) folder for more.
## Bug bounty program
Our bug bounty program is public and can be found by all registered Intigriti users [here](https://app.intigriti.com/researcher/programs/aikido/aikidoruntime)
## Contributing
See [CONTRIBUTING.md](.github/CONTRIBUTING.md) for more information.
## Code of Conduct
See [CODE_OF_CONDUCT.md](.github/CODE_OF_CONDUCT.md) for more information.
## Security
See [SECURITY.md](.github/SECURITY.md) for more information.
Raw data
{
"_id": null,
"home_page": "https://www.aikido.dev/runtime/firewall/",
"name": "aikido_firewall",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.8",
"maintainer_email": null,
"keywords": "web application firewall, WAF, cybersecurity, security, firewall, web security, application security, threat detection, intrusion prevention, DDoS protection, malware protection, Python, Python 3, network security, data protection, secure coding, vulnerability management, API security, SSL/TLS, penetration testing",
"author": "Aikido Security",
"author_email": "help@aikido.dev",
"download_url": "https://files.pythonhosted.org/packages/63/64/0a35f7aa15d29e1aa4238b9c48e62cb5435cc16c7bf94d7a8471ee726821/aikido_firewall-1.0.4.tar.gz",
"platform": null,
"description": "\n\n# Zen, in-app firewall for Python 3 | by Aikido\n\nZen, your in-app firewall for peace of mind\u2013 at runtime.\n\nZen is an embedded Web Application Firewall that autonomously protects your Python apps against common and critical attacks.\n\nZen protects your Python apps by preventing user input containing dangerous strings, which allow SQL injections. It runs on the same server as your Python app for simple [installation](https://pypi.org/project/aikido_firewall/#installation) and zero maintenance.\n\n## Features\n\nZen will autonomously protect your Python applications from the inside against:\n\n* \ud83d\udee1\ufe0f [NoSQL injection attacks](https://www.aikido.dev/blog/web-application-security-vulnerabilities)\n* \ud83d\udee1\ufe0f [SQL injection attacks]([https://www.aikido.dev/blog/web-application-security-vulnerabilities](https://owasp.org/www-community/attacks/SQL_Injection))\n* \ud83d\udee1\ufe0f [Command injection attacks](https://owasp.org/www-community/attacks/Command_Injection)\n* \ud83d\udee1\ufe0f [Path traversal attacks](https://owasp.org/www-community/attacks/Path_Traversal)\n* \ud83d\udee1\ufe0f [Server-side request forgery (SSRF)](./docs/ssrf.md)\n\nZen operates autonomously on the same server as your Python app to:\n\n* \u2705 Secure your app like a classic web application firewall (WAF), but with none of the infrastructure or cost.\n\n## Supported libraries and frameworks\n\nZen for Python 3 is compatible with:\n\n### Web frameworks\n\n* \u2705 [Django](docs/django.md)\n* \u2705 [Flask](docs/flask.md)\n* \u2705 [Quart](docs/quart.md)\n\n### WSGI servers\n* \u2705 [Gunicorn](docs/gunicorn.md)\n* \u2705 [uWSGI](docs/uwsgi.md)\n\n### Database drivers\n* \u2705 [`mysqlclient`](https://pypi.org/project/mysqlclient/)\n* \u2705 [`PyMySQL`](https://pypi.org/project/PyMySQL/)\n* \u2705 [`pymongo`](https://pypi.org/project/pymongo/)\n* \u2705 [`psycopg2`](https://pypi.org/project/psycopg2)\n* \u2705 [`psycopg`](https://pypi.org/project/psycopg)\n* \u2705 [`asyncpg`](https://pypi.org/project/asyncpg)\n* \u2705 [`motor`](https://pypi.org/project/motor/)\n\n## Reporting to your Aikido Security dashboard\n\n> Aikido is your no nonsense application security platform. One central system that scans your source code & cloud, shows you what vulnerabilities matter, and how to fix them - fast. So you can get back to building.\n\nZen is a new product by Aikido. Built for developers to level up their security. While Aikido scans, get Zen for always-on protection. \n\nYou can use some of Zen\u2019s features without Aikido, of course. Peace of mind is just a few lines of code away.\n\nBut you will get the most value by reporting your data to Aikido.\n\nYou will need an Aikido account and a token to report events to Aikido. If you don't have an account, you can [sign up for free](https://app.aikido.dev/login).\n\nHere's how:\n* [Log in to your Aikido account](https://app.aikido.dev/login).\n* Go to [Zen](https://app.aikido.dev/runtime/services).\n* Go to apps.\n* Click on **Add app**.\n* Choose a name for your app.\n* Click **Generate token**.\n* Copy the token.\n* Set the token as an environment variable, `AIKIDO_TOKEN`\n\n## Running in production (blocking) mode\n\nBy default, Zen will only detect and report attacks to Aikido.\n\nTo block requests, set the `AIKIDO_BLOCKING` environment variable to `true`.\n\nSee [Reporting to Aikido](#reporting-to-your-aikido-security-dashboard) to learn how to send events to Aikido.\n\n## Benchmarks \nThe following table summarizes the performance of both a typical SQL Query and a typical NoSQL Query with and without the Zen, measured in milliseconds :\n| Operation | Avg. time w/o Zen | Avg. time w/ Zen | Delta | Delta in % |\n| --------- | ---------------------- | --------------------- | ----- | ---------- |\n| SQL Query | 1.222 ms | 1.257 ms | +0.035 ms | +3% |\n| NoSQL Query | 1.090 ms | 1.110 ms | +0.020 ms | +2% |\n\nSee [benchmarks](benchmarks/) folder for more.\n\n## Bug bounty program\n\nOur bug bounty program is public and can be found by all registered Intigriti users [here](https://app.intigriti.com/researcher/programs/aikido/aikidoruntime)\n\n## Contributing\n\nSee [CONTRIBUTING.md](.github/CONTRIBUTING.md) for more information.\n\n## Code of Conduct\n\nSee [CODE_OF_CONDUCT.md](.github/CODE_OF_CONDUCT.md) for more information.\n\n## Security\n\nSee [SECURITY.md](.github/SECURITY.md) for more information.\n",
"bugtrack_url": null,
"license": "AGPL-3.0-or-later",
"summary": "Aikido Zen for Python",
"version": "1.0.4",
"project_urls": {
"Bug Bounty": "https://app.intigriti.com/programs/aikido",
"Bug Tracker": "https://github.com/AikidoSec/firewall-python/issues",
"Homepage": "https://www.aikido.dev/runtime/firewall",
"Source": "https://github.com/AikidoSec/firewall-python"
},
"split_keywords": [
"web application firewall",
" waf",
" cybersecurity",
" security",
" firewall",
" web security",
" application security",
" threat detection",
" intrusion prevention",
" ddos protection",
" malware protection",
" python",
" python 3",
" network security",
" data protection",
" secure coding",
" vulnerability management",
" api security",
" ssl/tls",
" penetration testing"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "d885581cfa6a6519961fb575b24651f5fa9e3624ec7bf8de30ab4610913d0856",
"md5": "d3a82f9de10d26d7bb40d3be50427518",
"sha256": "a881db8dc09c915dbe7b800035e325660a610fc18803e7755c0acf0c0643f113"
},
"downloads": -1,
"filename": "aikido_firewall-1.0.4-py3-none-any.whl",
"has_sig": false,
"md5_digest": "d3a82f9de10d26d7bb40d3be50427518",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.8",
"size": 2018081,
"upload_time": "2024-09-09T15:09:45",
"upload_time_iso_8601": "2024-09-09T15:09:45.757015Z",
"url": "https://files.pythonhosted.org/packages/d8/85/581cfa6a6519961fb575b24651f5fa9e3624ec7bf8de30ab4610913d0856/aikido_firewall-1.0.4-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "63640a35f7aa15d29e1aa4238b9c48e62cb5435cc16c7bf94d7a8471ee726821",
"md5": "816815d86443a361f2aee6b42b7406d2",
"sha256": "902b806814e55c117461e9bfd2edd426f0e62a5a5d68634a7b15623b500f0e9f"
},
"downloads": -1,
"filename": "aikido_firewall-1.0.4.tar.gz",
"has_sig": false,
"md5_digest": "816815d86443a361f2aee6b42b7406d2",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.8",
"size": 1924314,
"upload_time": "2024-09-09T15:09:47",
"upload_time_iso_8601": "2024-09-09T15:09:47.511307Z",
"url": "https://files.pythonhosted.org/packages/63/64/0a35f7aa15d29e1aa4238b9c48e62cb5435cc16c7bf94d7a8471ee726821/aikido_firewall-1.0.4.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-09-09 15:09:47",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "AikidoSec",
"github_project": "firewall-python",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "aikido_firewall"
}
JSON
