Wallarm

In API Security

Two critical security flaws found in Nginx-Ingress controller

May 12, 2022 3 Mins Read

Ingress controllers allow users to configure an HTTP load balancer for applications running on Kubernetes. It’s needed to serve those applications to clients outside of the Kubernetes Cluster. It’s also configured with Kubernetes API to deploy objects called Ingress Resources The NGINX Ingress Controller is a production-grade Ingress controller (daemon) that runs alongside NGINX Open Source or NGINX Plus instances in a Kubernetes environment. The daemon monitors NGINX Ingress resources and Kubernetes Ingress resources to…

In API Security

CVE-2022-1388: Critical security vulnerabilities in F5 Big-IP allows attackers to execute arbitrary code

May 6, 2022 2 Mins Read

On May 5, 2022, MITRE published CVE-2022-1388, an authentication bypass vulnerability in the BIG-IP modules affecting the iControl REST component.…

In API Security

OSS API Firewall Unveils new Feature: Blacklist for Compromised API Tokens and Cookies

March 31, 2022 4 Mins Read

Discovering and securing any API is one of the most difficult challenges for developers. The API security landscape is constantly…

In API Security

Update on 0-day vulnerabilities in Spring (Spring4Shell and CVE-2022-22963)

March 30, 2022 2 Mins Read

Quick update There are two vulnerabilities: one 0-day in Spring Core which is named Spring4Shell (very severe, exploited in the…

In Researcher Corner

Security Software Developer – Job Description and How to Become One

February 15, 2022 6 Mins Read

Introduction The cybersecurity industry is daily growing bigger daily and creating numerous roles for anyone to specialize in. One of…

In Researcher Corner

Cybersecurity Engineer Guide – Job Description and How to Become

January 28, 2022 8 Mins Read

Introduction The interest for network security occupations is soaring, but the arrangement is at an incredible insufficient. Experts anticipate a…

In API Security

5 things you must know about Log4Shell

December 10, 2021 2 Mins Read

This is the largest vulnerability we have seen in years. You may still be vulnerable even if your project is…

In API Security

Log4j 0day mitigation update CVE-2021-44228

December 10, 2021 2 Mins Read

Wallarm has rolled out the update to detect and mitigate CVE-2021-44228. No additional actions are required from the customers Attempts…

In API Security

Invisible rat: how Sentry, Datadog, and others used by XSS and JavaScript malware

December 1, 2021 4 Mins Read

We all know how it’s convenient to use tools like Sentry or Datadogs for JavaScript events monitoring. It allows to…

In Wallarm News

Scholarship Results

November 25, 2021 1 Min Read

It’s time to sum up the results of the 2021 scholarship! As you know, we extended the scholarship for 1…

Discovering shadow APIs with a API firewall

In API Security

Discovering Shadow APIs with Wallarm API firewall

November 8, 2021 4 Mins Read

Shadow APIs can be defined as active endpoints that you are not aware of. Some APIs are deployed but never…