WasmAssembly Protecting apps with Arcjet through WebAssembly
5 snips
Feb 3, 2025 David Mytton, CEO of Arcjet and co-founder of Console, builds developer-first security tools and contributes to Wasm, Go, and Rust. He discusses using WebAssembly for sandboxed, high-performance protections like bot detection, rate limiting, and data redaction. Conversation covers server-side Wasm design, serverless constraints and optimizations, cross-language bindings, and tradeoffs between open and proprietary Wasm components.
AI Snips
Chapters
Books
Transcript
Episode notes
Security Implemented As Code
- Arcjet treats security as code by embedding protections directly into app code via an SDK.
- This keeps rules testable, dynamic, and close to application context for fine-grained responses.
Same Wasm Code Locally And Server-Side
- Arcjet runs a shared WebAssembly module locally in the app and on Arcjet servers to run identical analysis.
- WebAssembly gives sandboxing and near-native performance, minimizing latency in security checks.
Tune Wasm For Serverless Constraints
- Optimize Wasm build settings for each serverless provider to balance startup time and bundle size.
- Split and lazy-load Wasm components and trim heavy libraries like regex engines to reduce package size.
