Arcjet Blog
blog.arcjet.com/
How long until we need to block Google?
Google AI Overviews are causing fewer clicks for some site owners. If this is a fundamental shift in the web's traffic economy, how can site owners control where their content appears?
How Arcjet approaches open source
How we think about open source licensing, releasing open source projects, forks, and contributing upstream.
Arcjet product philosophy: products & primitives
How do you design a security product for developers when they allegedly don't care about security?
Devcontainers, Little Snitch, macOS TCC - protecting developer laptops
How we implement different layers to secure our developer laptops & environments: Devcontainers, outbound firewall, macOS Transparency Consent and Control framework, and SSH agent for Git keys.
How we run Arcjet like an open source project
Tips and tools for running a devtools startup remotely in 2025. Document everything. Async workflows. Periodic in-person.
Bot detection techniques for developers
Bots now make up nearly half of all internet traffic - and many aren’t playing fair. Learn how to detect malicious crawlers, distinguish between AI agents, and defend your app using layered bot protection strategies like user-agent verification, fingerprinting, and rate limiting.
Low latency global routing with AWS Global Accelerator
How Arcjet uses AWS Global Accelerator to route API requests via low-latency private networking to meet our end-to-end p50 latency SLA of 20–30ms.
Next.js middleware bypasses: How to tell if you were affected?
How to detect Next.js middleware bypass exploits (CVE-2025-29927 & CVE‑2024‑51479) in request logs and using Arcjet for incident forensics.