Recent Blog Posts

May 22, 2012
Last week we changed the license of LibHTP from the Apache Software License version 2 (ASLv2) to a BSD 3-clause. We did this to work...
February 21, 2012
Brian reminds me that Ohloh tracks our development progress, so if you're interested you can have a look (there are two projects, tracking IronBee and...

We are looking for early adopters and those who wish to participate in shaping the project:

  • Developers to work on the IronBee core and on the security modules
  • Application defenders to tell us what they need and to provide feedback on our proposed solutions (e.g., configuration language, signature language)
  • Application security researchers to exchange attack information, write signatures and rules, and design new detection and protection techniques
  • Web server and proxy developers to help us make IronBee work in their environments
  • Distribution maintainers to package IronBee to run on their systems
  • Infrastructure and cloud providers to help make IronBee effective for embedding into their infrastructures.


  • IronBee - universal web application security sensor intended for real-time monitoring and defense
  • LibHTP - security-aware library for the parsing of HTTP and related content


IronBee Whitepaper
The IronBee Whitepaper goes into detail about quest for a universal web application firewall engine, which can be used for protection and application security monitoring.

Mailing lists

We invite you to join us in shaping the IronBee project:


Our development infrastructure is provided by GitHub and SourceForge:


Core Team

  • Sam Baskinger
  • Craig Forbes
  • Nick LeRoy
  • Brian Rectanus