awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

Plattformen für API-Sicherheit

Ranking aktualisiert am 30. Juni 2026

For a native security platform for APIs, the strongest matches are tyktechnologies/tyk (Tyk is an open-source API gateway that routes, secures), apache/apisix (Apache APISIX is a comprehensive, self-hosted API gateway that) and kong/kong (Kong is a high-performance API gateway with a extensive). gravitee-io/gravitee-api-management and traefik/traefik round out the shortlist. Each is ranked by relevance to your query, popularity and recent activity.

Finde die besten Plattformen für native API-Sicherheit. Vergleiche Top-Open-Source-Tools, sortiert nach Aktivität und Features, um die beste Lösung für deinen Stack zu finden.

Plattformen für API-Sicherheit

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • tyktechnologies/tykAvatar von TykTechnologies

    TykTechnologies/tyk

    10,744Auf GitHub ansehen↗

    Tyk is an open-source API gateway written in Go that routes, secures, and monitors network traffic across REST, GraphQL, TCP, and gRPC protocols. It functions as a multi-protocol proxy designed to deliver requests to backend services while managing the end-to-end API lifecycle. The system distinguishes itself through a plugin-based architecture that allows for the injection of custom logic into the request and response middleware chain. It also features native Kubernetes integration, operating as an ingress controller that uses operators and custom resource definitions to deploy security poli

    Tyk is an open-source API gateway that routes, secures, and monitors API traffic with built-in rate limiting, authentication standards (OAuth2/OIDC/JWT), API key management, analytics, and self-hosted deployment, directly covering the core security and management capabilities you're looking for.

    GoAPI Usage Analytics
    Auf GitHub ansehen↗10,744
  • apache/apisixAvatar von apache

    apache/apisix

    16,767Auf GitHub ansehen↗

    This project is a high-performance, distributed API gateway designed to manage, secure, and observe traffic for microservices, serverless functions, and artificial intelligence model providers. It functions as a dynamic service proxy and cloud-native ingress controller, centralizing policy enforcement and traffic routing through a unified configuration interface that synchronizes state across multiple nodes in real time. The platform distinguishes itself through a highly extensible architecture that utilizes a high-performance scripting engine to execute modular logic directly within the requ

    Apache APISIX is a comprehensive, self-hosted API gateway that provides built-in rate limiting, OAuth2/OIDC/JWT authentication, schema validation, and observability, directly addressing the need to secure, manage, and protect APIs.

    LuaOIDC Authentication PluginsRequest Logs
    Auf GitHub ansehen↗16,767
  • kong/kongAvatar von Kong

    Kong/kong

    43,653Auf GitHub ansehen↗

    Kong is a high-performance API gateway and service connectivity platform designed to manage, secure, and monitor traffic across distributed microservices and hybrid cloud environments. It functions as a centralized control plane for service governance, providing essential traffic routing, load balancing, and request transformation capabilities to ensure consistent policy enforcement across all service endpoints. The platform distinguishes itself through a modular plugin architecture and a declarative configuration engine that allows infrastructure behavior to be defined via version-controlled

    Kong is a high-performance API gateway with a extensive plugin ecosystem that delivers the security, management, and protection features you need—rate limiting, OAuth2/JWT authentication, API key management, schema validation, and self-hosted deployment—making it a comprehensive API security and gateway platform.

    LuaAPI GatewaysKubernetes Traffic ControllersService Governance Platforms
    Auf GitHub ansehen↗43,653
  • gravitee-io/gravitee-api-managementAvatar von gravitee-io

    gravitee-io/gravitee-api-management

    423Auf GitHub ansehen↗

    Gravitee.io - OpenSource API Management

    Gravitee is an open-source API management platform with a built-in gateway, comprehensive security policies (OAuth2/JWT, rate limiting, API key management), analytics, and self-hosting support — directly addressing the need for a native API security and management tool.

    JavaAPI Management
    Auf GitHub ansehen↗423
  • traefik/traefikAvatar von traefik

    traefik/traefik

    63,644Auf GitHub ansehen↗

    Traefik is a cloud-native edge router and API gateway designed to manage service communication and traffic flow across distributed infrastructure. It functions as a dynamic service proxy that automatically discovers backend services and configures routing rules in real time, eliminating the need for manual restarts or complex configuration updates. By integrating directly with container orchestrators and service registries, it maintains a consistent state for network traffic, load balancing, and security policy enforcement. The project distinguishes itself through its deep integration with di

    Traefik is a cloud-native API gateway that can secure APIs with middleware for rate limiting, authentication (OAuth2/JWT), and policy enforcement, but lacks dedicated API key management, WAF, threat detection, or schema validation, so it fits the category but not as a comprehensive API security platform.

    GoNative API Security
    Auf GitHub ansehen↗63,644
  • alibaba/higressAvatar von alibaba

    alibaba/higress

    7,558Auf GitHub ansehen↗

    Higress is an AI API gateway and cloud-native traffic manager that functions as a Kubernetes ingress controller. It provides a centralized system for routing, securing, and optimizing traffic directed toward large language models, AI agents, and microservice architectures. The project distinguishes itself through deep AI orchestration, including the ability to host and manage Model Context Protocol servers that transform REST APIs into tools for AI agents. It features specialized AI infrastructure for model request proxying, protocol translation across multiple providers, and semantic-based c

    Higress is a cloud-native API gateway and ingress controller that secures and manages traffic, including AI workloads, making it a valid choice for an API security/gateway platform — though its AI focus means some traditional security features like OAuth2, WAF, or rate limiting are not explicitly highlighted in its description.

    GoJWT AuthenticationOIDC Authentication Plugins
    Auf GitHub ansehen↗7,558
  • apache/shenyuA

    apache/shenyu

    8,794Auf GitHub ansehen↗

    Shenyu is a microservices API gateway designed to route external traffic to backend services using dynamic rules and protocol conversion. It functions as a central entry point that manages traffic flow through a combination of an API traffic governor, a distributed configuration manager, and a security layer for protecting endpoints. The project features a dynamic plugin architecture that allows for the injection of custom request processing logic without restarting the server. It utilizes a distributed coordination service to synchronize routing and policy updates across a gateway cluster in

    Shenyu is an API gateway with a security layer and plugin-based extensibility for traffic management and access control, which fits the intended category of an API security/gateway platform, though its coverage of explicit WAF, threat detection, and advanced authentication features is not strongly highlighted in the description.

    JavaAPI GatewayMicroservice Traffic ManagementAPI Access Security
    Auf GitHub ansehen↗8,794
  • wso2/product-apimAvatar von wso2

    wso2/product-apim

    989Auf GitHub ansehen↗

    WSO2 API Manager is a complete platform for building, integrating, and exposing your digital services as managed APIs in the cloud, on-premise, and hybrid architectures to drive your digital transformation strategy.

    WSO2 API Manager is a comprehensive API management platform that includes a gateway with security features like OAuth2, rate limiting, and analytics, fitting the need for an API security and gateway tool.

    JavaAPI GatewaysAPI Management
    Auf GitHub ansehen↗989
  • chaitin/safelineAvatar von chaitin

    chaitin/SafeLine

    21,527Auf GitHub ansehen↗

    SafeLine is a containerized web application firewall and reverse proxy designed to secure web services by inspecting incoming HTTP traffic. It acts as a security gateway that sits in front of backend infrastructure to filter malicious requests and enforce access policies before they reach the application server. The platform distinguishes itself through advanced bot mitigation and content protection capabilities. It employs challenge-response mechanisms to verify human users and dynamically obfuscates HTML and JavaScript content to prevent unauthorized scraping and code tampering. These featu

    SafeLine is a containerized web application firewall and reverse proxy that secures HTTP traffic with rate limiting, bot mitigation, and threat detection, fitting the API security gateway role despite not explicitly offering OAuth2 or schema validation.

    GoWeb Application FirewallsBot BlockingReverse Proxies
    Auf GitHub ansehen↗21,527

Related searches

  • eine Open-Source-Plattform für API-Management
  • Service Mesh für Microservice-Traffic
  • ein automatisierter Sicherheitsscanner für Webanwendungen
  • ein Security-Scanner für mobile Apps
  • Toolkit zur Erkennung von Prompt-Injection-Angriffen
  • Plattform für die Erstellung nativer Integrationen
  • eine anfällige Webanwendung für Sicherheitstrainings
  • Lernpfad für Security-Engineering