Security products have their own security issues, which can affect products that they were designed to secure. It’s not a recursive loop, but the reality. WAFs there are not an exclusion. You can remember CloudFlare self-DoS that happened last year (https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/) because of an issue in RegExp signature they applied. Or Imperva’s data breach that disclosures API keys of their clients https://krebsonsecurity.com/2019/08/cybersecurity-firm-imperva-discloses-breach/ The latest thing with ModSecurity (https://www.secjuice.com/modsecurity-vulnerability-cve-2019-19886/) is another one example of how it’s…

There is such a thing as SSRF. There’s lots of information about it, but here is my quick summary. Let’s say you go to a website, fill out your profile, and get to the “Upload Profile Picture” step. And you have a choice: upload a file or specify a link.

Wallarm’s unique approach provides actionable insight that identifies and protects against real attacks and vulnerabilities. I’m excited to be part of the team that automates this for modern services and cloud-based applications.

How to configure sending reports to email? How to get a notification to the messenger about an event requiring a response? How to connect Wallam and other solutions that use DevOps and the security team? Integrations will help to solve all these issues in Wallam WAF. And today we’ll talk about them in more detail.

With recent explosion of Kubernetes adoption and Wallarm’s consistent effort to deliver Kubernetes native security offerings, I feel tremendous confidence in our collective ability to stay ahead of the emerging threats in the cloud native ecosystem.