diff --git a/README.md b/README.md index d497206..8544807 100644 --- a/README.md +++ b/README.md 
@@ -3,51 +3,53 @@ ## Product Positioning Tagline options: -"Baffle bots. Calm traffic." (playing on both meanings: confuse + quiet) -"Confuse bots. Calm infrastructure." -"Bewilder bots, silence the chaos" +* "Baffle bots. Calm traffic." (playing on both meanings: confuse + quiet) +* "Confuse bots. Calm infrastructure." +* "Bewilder bots, silence the chaos" ## Target market: -Solo devs/bootstrapped startups (can't afford $249/mo Wafris/Cloudflare) -Privacy-conscious/regulated orgs (data sovereignty requirements) -Self-hosters (infrastructure control enthusiasts) +* Solo devs/bootstrapped startups (can't afford $249/mo Wafris/Cloudflare) +* Privacy-conscious/regulated orgs (data sovereignty requirements) +* Self-hosters (infrastructure control enthusiasts) Cost-sensitive scale-ups (outgrowing free tiers) ## Business Model (Sidekiq-style) -Free (fully functional): +### Free (fully functional): -Ruby/Rack edge agent (2-5ms response time) -Local SQLite rules -IP blocking, rate limiting, geoblocking -Manual rule management -Community support +* Ruby/Rack edge agent (2-5ms response time) +* Local SQLite rules +* IP blocking, rate limiting, geoblocking +* Manual rule management +* Community support -Pro ($99-149/mo): +### Pro ($99-149/mo): -Go edge agent (performance upgrade) -SSO / multi-team -Centralized hub with traffic analytics -Automated rule generation -Adaptive sampling (manual 0-100% toggle for hub load management) -IP reputation feeds -Priority support +* Go edge agent (performance upgrade) +* SSO / multi-team +* Centralized hub with traffic analytics +* Automated rule generation +* Adaptive sampling (manual 0-100% toggle for hub load management) +* IP reputation feeds +* Priority support ## Key Technical Decisions + Traffic categories: -Blocked - Matched deny rule -Allowed - Matched allow rule (fast-path for whitelisted IPs/APIs) -Unmatched - No rules, passed through +* Blocked - Matched deny rule +* Allowed - Matched allow rule (fast-path for whitelisted 
IPs/APIs) +* Unmatched - No rules, passed through ## OWASP approach: -Don't try to compete with ModSecurity's full CRS -Focus on network-layer threats (bots, rate limiting, IP reputation) -Map to OWASP Top 10 where applicable (A05, A07, partial A01/A03) -Position as complementary to app-layer security +* Don't try to compete with ModSecurity's full CRS +* Focus on network-layer threats (bots, rate limiting, IP reputation) +* Map to OWASP Top 10 where applicable (A05, A07, partial A01/A03) +* Position as complementary to app-layer security + +## Killer Feature: Performance Visibility -### Killer Feature: Performance Visibility Always-on category timing: Track latency by rule type (IP checks, rate limits, regex, etc.)
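Review bot: in the "## Target market" list, the context line "Cost-sensitive scale-ups (outgrowing free tiers)" is left without the `* ` prefix while its three siblings are converted to bullets, so in rendered Markdown it becomes a trailing paragraph instead of the fourth list item; prefix it as `* Cost-sensitive scale-ups (outgrowing free tiers)` in the same hunk. While touching these headings, the trailing colons in `## Target market:`, `### Free (fully functional):`, `### Pro ($99-149/mo):` and `## OWASP approach:` are inconsistent with `## Product Positioning`, `## Key Technical Decisions` and the new `## Killer Feature: Performance Visibility`, and a heading followed directly by a list does not need one.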