Our security is publicly verifiable.
GladiusDefense is the detection engine running on every gladiuscrm.com request. Its score on our published benchmark — and its false-positive rate on simulated production traffic — are both measurable, reproducible, and shown below on this page. You don't have to take our word for any of it.
Verify this yourself
Our benchmark is open-source. The fingerprint c564a85883ab96b1 is a SHA-1 over (scenario_id : detected : remediated) for the suite. Identical inputs → identical fingerprint. Run it:
npx @gladius/bench --verify-claim=c564a85883ab96b1
# → {"verification":"MATCH","externalIqScore":236,"grade":"S"}

The benchmark is Apache 2.0. The proprietary detection engine ships separately under a commercial license — you run the eval; we run the engine.
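As an added illustration of how a deterministic fingerprint of this kind is computed (this is example code, not the @gladius/bench implementation): rows are canonicalised before hashing so that the order in which scenarios ran cannot change the result, and any single flipped detected/remediated flag produces a different fingerprint. The row layout ("scenario_id:detected:remediated" with 0/1 flags), the sort order, the newline join and the truncation of the SHA-1 hex digest to 16 characters are all assumptions made here, not details taken from the page.

```python
"""Deterministic benchmark fingerprint over (scenario_id : detected : remediated) rows.

Added example; not the @gladius/bench code. Assumed (not from the page): rows are
sorted by scenario_id, rendered as "id:detected:remediated" with 0/1 flags, joined by
newlines, and the published fingerprint is the first 16 hex chars of the SHA-1 digest.
"""
import hashlib

# Constructed sample results, deliberately out of order to show that run order
# does not affect the fingerprint once rows are canonicalised.
SAMPLE_RESULTS = [
    {"scenario_id": "sqli-union-003", "detected": True, "remediated": True},
    {"scenario_id": "auth-bypass-001", "detected": True, "remediated": False},
    {"scenario_id": "xss-dom-012", "detected": False, "remediated": False},
]


def canonical_rows(results):
    """Sort by scenario_id and render each row as 'id:detected:remediated' with 0/1 flags."""
    rows = []
    for r in sorted(results, key=lambda r: r["scenario_id"]):
        detected = int(bool(r["detected"]))
        remediated = int(bool(r["remediated"]))
        rows.append(f'{r["scenario_id"]}:{detected}:{remediated}')
    return rows


def fingerprint(results, hex_len=16):
    """SHA-1 over the newline-joined canonical rows, truncated to hex_len hex chars (assumed)."""
    payload = "\n".join(canonical_rows(results)).encode("utf-8")
    return hashlib.sha1(payload).hexdigest()[:hex_len]


def verify_claim(results, claimed):
    """Recompute the fingerprint from local results and compare with the published value."""
    return "MATCH" if fingerprint(results) == claimed else "MISMATCH"


if __name__ == "__main__":
    published = fingerprint(SAMPLE_RESULTS)
    print(published)
    print(verify_claim(SAMPLE_RESULTS, published))                  # MATCH
    print(verify_claim(list(reversed(SAMPLE_RESULTS)), published))  # MATCH: order-independent
```

The useful property for a reader checking a claim is the last line: reordering the suite yields the same value, while changing one flag does not, which is what makes "identical inputs → identical fingerprint" a meaningful verification step rather than a checksum of a file.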
What we measure
9-tier difficulty ladder
easy (weight 1) through transcendent (weight 256). A perfect score on easy and medium scenarios with zero catches at legendary or higher is capped at a C grade.
Adversarial mutation survival
5,600 mutations per run (40 base attacks × 7 strategies × 20 mutations). Tests whether rules still catch the attack after an adversary iterates. Current: 89.3%.
Behavioral anomaly sensor
8 detectors: timing anomalies, mechanical jitter, circadian shifts, zero-dwell forms, keystroke biometric mismatch, cold-then-burst, pixel-perfect-mouse, path enumeration. Current: 100%.
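To make concrete what a behavioral anomaly sensor of this kind checks, and how an observe-only mode surfaces its result, here is an added example that is not GladiusDefense's sensor code. It implements three of the eight detector categories named above (zero-dwell forms, mechanical jitter, cold-then-burst) over constructed session data, and attaches the findings as a header signal instead of blocking, matching the observe-only behaviour described further down this page. All thresholds and the header name are assumptions.

```python
"""Behavioral anomaly detectors over a constructed request/event stream.

Added example; not GladiusDefense's sensor. Implements three of the eight detector
categories the page lists, with assumed thresholds, and emits an observe-only signal.
"""
from statistics import pstdev

# Assumed thresholds (not from the page).
MIN_FORM_DWELL_S = 1.5       # a human needs some time between form render and submit
MAX_JITTER_STDEV_S = 0.005   # near-constant inter-keystroke intervals look scripted
COLD_IDLE_S = 6 * 3600       # "cold": no activity for this long ...
BURST_WINDOW_S = 10.0        # ... then a burst of requests inside this window
BURST_MIN_REQUESTS = 20


def zero_dwell_forms(events):
    """Flag form submits that arrive too soon after the form was rendered."""
    findings, rendered = [], {}
    for e in events:
        if e["type"] == "form_render":
            rendered[e["form"]] = e["t"]
        elif e["type"] == "form_submit" and e["form"] in rendered:
            dwell = e["t"] - rendered[e["form"]]
            if dwell < MIN_FORM_DWELL_S:
                findings.append(f"zero-dwell:{e['form']}:{dwell:.2f}s")
    return findings


def mechanical_jitter(keystroke_times):
    """Flag keystroke streams whose inter-key intervals have (near) zero variance."""
    if len(keystroke_times) < 5:
        return []
    gaps = [b - a for a, b in zip(keystroke_times, keystroke_times[1:])]
    sd = pstdev(gaps)
    return [f"mechanical-jitter:stdev={sd:.4f}s"] if sd < MAX_JITTER_STDEV_S else []


def cold_then_burst(request_times):
    """Flag a long idle gap followed by many requests in a short window."""
    times = sorted(request_times)
    findings = []
    for i in range(1, len(times)):
        if times[i] - times[i - 1] >= COLD_IDLE_S:
            burst = [t for t in times[i:] if t - times[i] <= BURST_WINDOW_S]
            if len(burst) >= BURST_MIN_REQUESTS:
                findings.append(f"cold-then-burst:{len(burst)}req/{BURST_WINDOW_S:.0f}s")
    return findings


def observe_only_signal(session):
    """Run all detectors; return the header an observe-only mode attaches (no block decision)."""
    findings = (zero_dwell_forms(session["events"])
                + mechanical_jitter(session["keystrokes"])
                + cold_then_burst(session["requests"]))
    return "X-Behavior-Signal: " + (";".join(findings) if findings else "none")


# Constructed sessions: one human-like, one scripted. Timestamps are seconds.
HUMAN = {
    "events": [{"type": "form_render", "form": "lead", "t": 100.0},
               {"type": "form_submit", "form": "lead", "t": 127.4}],
    "keystrokes": [100.0, 100.21, 100.35, 100.62, 100.8, 101.15],
    "requests": [100.0, 127.4, 131.0],
}
SCRIPTED = {
    "events": [{"type": "form_render", "form": "lead", "t": 100.0},
               {"type": "form_submit", "form": "lead", "t": 100.2}],
    "keystrokes": [100.0 + 0.05 * i for i in range(6)],
    "requests": [0.0] + [30000.0 + 0.1 * i for i in range(25)],
}

if __name__ == "__main__":
    print(observe_only_signal(HUMAN))     # X-Behavior-Signal: none
    print(observe_only_signal(SCRIPTED))  # three findings joined with ';'
```

The point of returning a header value rather than a verdict is that each detector's output can be logged and audited against real traffic before any of it is allowed to block, which is exactly the gap between "wired into the hot path" and "active enforcement".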
FP discipline on benign traffic
Audited against a 5,000-row synthetic prod log mimicking dealership traffic: dashboard, marketing, webhooks, OAuth, and dealer names with apostrophes (Bob's Honda of Tampa). Zero false positives.
Our public commitments
- Reproducibility: Every published score includes a deterministic fingerprint. Anyone with the repo can verify it in < 60 seconds.
- Open benchmark: The 911-scenario suite, 7-strategy mutation harness, and 8-detector behavior sensor are Apache 2.0. We benchmark our engine the same way we benchmark anyone else's.
- CVE adaptation: Our threat-intel pipeline pulls CISA-KEV + NVD + GHSA every 6 hours, synthesizes rules automatically, FP-gates them against benign anchors, and auto-activates a rule if its confidence + severity thresholds pass. Median CVE-to-rule latency is published at /security/latency (live data once the dev DB is wired).
- External validation: Third-party red-team engagement Q3 2026. Their report (findings + executive summary) will be linked here when delivered.
- Responsible disclosure: Security researchers should email security@gladiuscrm.com with findings. 72-hour acknowledgment. 90-day disclosure window. Bounties for verified findings are planned for late 2026.
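The "FP discipline on benign traffic" audit above and the FP-gate in the CVE adaptation commitment are the same check applied at two points: a candidate rule may only go live if it fires on zero rows of a benign corpus while still catching the samples it was written for. The following is an added example of that gate, not the Gladius pipeline's code; the benign anchors, the two attack probes, the two candidate rules and the activation threshold are all constructed for illustration. It shows why the apostrophe in a dealer name matters: a naive rule that treats any apostrophe as injection fails the gate, while a rule that requires SQL syntax after the apostrophe passes it.

```python
"""FP-gating a candidate detection rule against benign anchors.

Added example; not the Gladius threat-intel pipeline. A rule activates only if it
fires on zero benign rows and still reaches the required detection rate on the
attack samples. Corpora, rules and thresholds are constructed for illustration.
"""
import re
from urllib.parse import unquote_plus

# Constructed benign anchors mimicking the traffic mix described on this page.
BENIGN_ANCHORS = [
    "GET /dashboard?dealer=Bob's+Honda+of+Tampa HTTP/1.1",
    "GET /marketing/spring-sale?utm_source=newsletter HTTP/1.1",
    'POST /webhooks/stripe {"id":"evt_1","type":"invoice.paid"}',
    "GET /oauth/callback?code=abc123&state=xyz HTTP/1.1",
    "GET /search?q=O'Reilly+Auto HTTP/1.1",
]

# Constructed attack samples (textbook SQL-injection probes) the rule must still catch.
ATTACK_SAMPLES = [
    "GET /search?q=x'+OR+'1'%3D'1 HTTP/1.1",
    "GET /dashboard?dealer='+UNION+SELECT+username%2Cpassword+FROM+users-- HTTP/1.1",
]

# Naive candidate: any apostrophe is "injection". Fails on Bob's Honda and O'Reilly.
NAIVE_RULE = re.compile(r"'")
# Tuned candidate: an apostrophe followed by SQL syntax (boolean operator, UNION, or comment).
TUNED_RULE = re.compile(r"'\s*(?:or|and|union)\b|'\s*--", re.IGNORECASE)


def fires(rule, line):
    """Normalise the request line (URL-decode, '+' to space) and test the rule."""
    return rule.search(unquote_plus(line)) is not None


def fp_gate(rule, benign, attacks, min_detection=1.0):
    """Return (activate, report). Activate only with zero benign hits and enough attack hits."""
    false_positives = [line for line in benign if fires(rule, line)]
    caught = [a for a in attacks if fires(rule, a)]
    detection = len(caught) / len(attacks) if attacks else 0.0
    activate = not false_positives and detection >= min_detection
    return activate, {"false_positives": false_positives, "detection_rate": detection}


if __name__ == "__main__":
    for name, rule in (("naive", NAIVE_RULE), ("tuned", TUNED_RULE)):
        ok, report = fp_gate(rule, BENIGN_ANCHORS, ATTACK_SAMPLES)
        print(name, "ACTIVATE" if ok else "REJECT", report)
```

Decoding before matching is deliberate: the benign anchors arrive URL-encoded just as attacks do, so a rule gated on raw bytes would pass the gate on one encoding and either miss or misfire on the other. A larger corpus of real benign anchors is what turns "zero FPs on synthetic traffic" into a claim about production.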
What this page does NOT claim
- The 0% FP rate is measured on synthetic production traffic. Real customer logs may surface FP categories the synth doesn't model. We'll publish a real-traffic audit when 24h of access logs have been processed.
- A 236/240 score means our engine catches what the benchmark probes. New attack classes appear constantly; we ship rules continuously, but no engine is permanently complete.
- Stateful detection (multi-request attack chains, behavioral anomalies) is wired into the production hot path but currently runs in observe-only mode (header signal, no block). Active enforcement enables Q3 2026.
Last updated: 2026-06-02