Operations | Monitoring | ITSM | DevOps | Cloud

A lot can change in three years. The world of 2022 was a quite different place. Queen Elizabeth II was the longest-serving living monarch, the world population hadn’t yet cracked eight billion, and many of us were still emerging from the strangeness of the Covid years. Meanwhile, at HAProxyConf 2022, we unveiled HAProxy Fusion Control Plane for the first time.

HAProxy 3.2 is here, and this release gives you more of what matters most: exceptional performance and efficiency, best-in-class SSL/TLS, deep observability, and flexible control over your traffic. These powerful capabilities help HAProxy remain the G2 category leader in API management, container networking, DDoS protection, web application firewall (WAF), and load balancing.

A critical vulnerability in SAP NetWeaver (CVE-2025-31324) is currently being exploited in the wild. Disclosed on April 24, 2025, this vulnerability has the highest possible CVSS score of 10.0, indicating severe risk. The vulnerability affects SAP NetWeaver Application Server Java's Visual Composer Framework (version 7.50), allowing unauthenticated attackers to upload arbitrary files to NetWeaver servers. This can lead to remote code execution and complete system compromise.

A paper on this topic was prepared for internal use within HAProxy last year, and this version is now being shared publicly. Given the critical role of SSL in securing internet communication and the challenges presented by evolving SSL technologies, reverse proxies like HAProxy must continuously adapt their SSL strategies to maintain performance and compatibility, ensuring a secure and efficient experience for users. We are committed to providing ongoing updates on these developments.

AI is no longer just a buzzword. According to a 2024 McKinsey survey, 72% of companies now use AI in at least one area of their business. By 2027, nearly all executives expect their organizations to use generative AI for both internal and external purposes. However, with this rapid adoption comes significant security risks. As organizations rush to implement AI solutions, many overlook a critical vulnerability: prompt security.

A decision-making framework breaking down the strengths, weaknesses and ideal use cases to help users choose the proper protocol for their systems. Initially published in The New Stack We often think of protocol choice as a purely technical decision, but it's a critical factor in the user experience and how your application is consumed. This is a high-impact business decision, making it crucial for the technical team to first understand the business situation and priorities.

Last week, the cloud-native jamboree that is KubeCon descended on London, UK (my home city), and HAProxy Technologies set out to be the life of the party. This year’s event was our biggest yet, so we brought our A-game – with a huge booth, a lot to show off, and thousands and thousands of T-shirts to fold and give away.

If you’ve worked with VMware Horizon (now Omnissa Horizon), you know it’s a common way for enterprise users to connect to remote desktops. But for IT engineers and DevOps teams? It’s a whole different story. Horizon’s custom protocols and complex connection requirements make load balancing a bit tricky. With its recent sale to Omnissa, the technology hasn’t changed—but neither has the headache of managing it effectively.