Reblaze Wiki


In this category, we will discuss general topics related to cybersecurity. Some of these topics are related to web security and some are general topics related to the field of cybersecurity.

What is a Reverse Proxy?

A reverse proxy sits in-between a client and an origin web server. It intercepts requests at the network edge, ensuring no client can communicate directly with the server. Instead, the client sends its requests to the reverse proxy, which forwards them to the server. Similarly, the reverse proxy receives the responses from the server, and forwards them to the client. Essentially, a reverse proxy is a middleman who stands at the edge between user requests and the network.

What is a False Positive Alarm

A cybersecurity strategy is designed to keep an organization’s data and systems safe. This includes alerts whenever suspicious activity is observed, and usually also includes an automated response of blocking the attack.

What Is a Negative Security Model

Cybersecurity is a complex field that requires constant attention; keeping current on a myriad of evolving attack types, selecting and adopting constantly-changing technology, and so on.

What Is a Positive Security Model

What is the best approach to web application security? For many years, the negative security model was the basis of all WAFs. Today, this is being supplanted by the positive security model.


For decades, web applications have suffered the consequences of malicious bot traffic. Bots can be coordinated to gather data from a site, abuse mechanics of a site, or even disrupt its services with a full-scale DDoS (Distributed Denial of Service) attack.

What Is the OSI Model

On the web today, information can be transmitted to the other side of the globe in a few milliseconds. Most users do not understand how this works, nor do they need to do so. However, some people need to interact with and influence web traffic in one way or another


In cybersecurity, a Zero-Day refers to a vulnerability in a computer or software product—one that has been discovered by threat actors, but has not yet been discovered by the vendor or by security researchers.