Wallarm Blog - Cloud-Native Application Security

In Web Application Security

When your WAF needs its own WAF

February 14, 2020 2 Mins Read

Security products have their own security issues, which can affect products that they were designed to secure. It’s not a recursive loop, but the reality. WAFs there are not an exclusion. You can remember CloudFlare self-DoS that happened last year (https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/) because of an issue in RegExp signature they applied. Or Imperva’s data breach that disclosures API keys of their clients https://krebsonsecurity.com/2019/08/cybersecurity-firm-imperva-discloses-breach/ The latest thing with ModSecurity (https://www.secjuice.com/modsecurity-vulnerability-cve-2019-19886/) is another one example of how it’s…

In Wallarm News

RSA 2020 – Must Visit

February 11, 2020 4 Mins Read

Visit Wallarm at RSA 2020 booth #4118 + see a list of other events going on during the conference for a richer experience

In Researcher Corner

Blind SSRF exploitation

February 11, 2020 10 Mins Read

There is such a thing as SSRF. There’s lots of information about it, but here is my quick summary. Let’s say you go to a website, fill out your profile, and get to the “Upload Profile Picture” step. And you have a choice: upload a file or specify a link.

In Wallarm News

Wallarm team is growing!

February 7, 2020 3 Mins Read

Wallarm’s unique approach provides actionable insight that identifies and protects against real attacks and vulnerabilities. I’m excited to be part of the team that automates this for modern services and cloud-based applications.

In WAF

Native integrations in Wallarm WAF

February 6, 2020 3 Mins Read

How to configure sending reports to email? How to get a notification to the messenger about an event requiring a response? How to connect Wallam and other solutions that use DevOps and the security team? Integrations will help to solve all these issues in Wallam WAF. And today we’ll talk about them in more detail.

In API Security

The most cited Wallarm researches in 2019

February 2, 2020 5 Mins Read

Our researchers are constantly working on information security issues and in 2019 we published dozens of articles on this topic. Stay with us and let’s make the IT world safer together!

In API Security

Putting Wallarm Management Console on a Fast Track

January 2, 2020 7 Mins Read

With this update we significantly reduced Elasticsearch load and thereby improved the responsiveness of the user interface with an attack showing up within seconds of being detected. Our new user-friendly interface has a lag time of no more than 5 seconds.

In API Security

Cybersecurity: What to Expect in the Year Ahead

December 30, 2019 7 Mins Read

So, what lies ahead? Let’s turn over our virtual coffee cups and read the coffee grounds. …. report also shows that as many as 60% of all hacker attacks are using a compromised web application to gain unauthorized access or steal data.

In API Security

A Match Made in the Clouds

December 18, 2019 7 Mins Read

With recent explosion of Kubernetes adoption and Wallarm’s consistent effort to deliver Kubernetes native security offerings, I feel tremendous confidence in our collective ability to stay ahead of the emerging threats in the cloud native ecosystem.

In Cloud Security

New Wallarm Dashboard

December 17, 2019 3 Mins Read

There is an update in the Wallarm Console, which presents a brand new dashboard that can’t be missed. There are three…

In API Security

GraphQL Batching Attack

December 13, 2019 6 Mins Read

There is a new attack surface when the app tech stack includes GraphQL. It’s Batched Attacks on GraphQL APIs. How can these apps be protected? Read more to find out.