Beyond Rate Limiting: Building an Active Learning Defense System in Django
2025-09-09, Room B

Most of us protect our Django apps with static rules: block a few things, set some rate limits, hope for the best. But attackers are getting smarter, and our defenses aren’t keeping up. In this talk, I want to show you a different approach: a way for your Django app to actually learn from real traffic and get better at protecting itself over time.

I’ll introduce you to AIWAF, a Django-native Web Application Firewall that trains itself by analyzing your web logs. It learns what normal behavior looks like and, more importantly, does so without needing constant manual rule updates. It can automatically catch things like 404 floods, UUID tampering, honeypot field triggers, and suspicious burst attacks.

Under the hood, AIWAF is powered by a lightweight machine learning model (Isolation Forest) combined with simple but powerful behavior statistics. No machine learning background is needed: it integrates into Django just like any middleware or management command.

AIWAF is built for the small teams, the indie devs, the nonprofits, for anyone who wants real-world, adaptive security without enterprise-level costs or complexity.


What if your Django app could defend itself and get smarter over time? In this talk, we'll dive into AIWAF, an open-source, Django-native firewall that learns from real web traffic to catch suspicious behavior like 404 floods, probing attacks, and UUID tampering. You'll learn how easy it is to plug AIWAF into your project and build a self-adapting defense system without needing a full security team.

I'm Aayush Gauba, a developer and security enthusiast who loves building systems that think. I work extensively with Django and machine learning to create practical tools that go beyond automation: they learn, adapt, and evolve. Whether it's developing face recognition systems, experimenting with quantum-inspired AI, or building defense systems that block threats after a single attempt, I enjoy turning bold ideas into working code. I'm always exploring how to make the web smarter and safer. When I'm not coding, I'm usually testing unconventional ideas or refining something I built at 2 a.m.