Category: Network Security

The main things that prevent enabling security solutions like WAF/RASP/IDS/IPS in blocking mode are false positives. The second is probably their inline performance and the latency they add, but false positives come first. As a cloud-native WAF vendor, we at Wallarm actively check our products for false positives to continuously deliver better detection quality for our customers. One way to address false positives is to detect them early, before a real customer is blocked.…

One of the services Wallarm offers today is Pentest Audits. Our team met a new challenging task on a recent project: a penetration test & usage of Apache Solr V4.10.4. We want to use this blog to describe the way we identified a vulnerability & managed to execute commands with root privileges. We hope it will help DevOps teams & sysadmins deploying Apache Solr & protecting their data. While working on a new…

Last month, Wallarm Cybersecurity Strategist Kavya Pearlman interviewed cyberwarfare expert Chris Kubecka in a webinar session that was well attended and a very timely discussion. If you missed the webinar, worry not! Here is a quick recap of the discussion around “Application Security in the age of Cyberwar”. These days we must be prepared to fight off not just hackers in search of simple financial gain, but malicious actors funded by hostile states. Asymmetry is…

Testing the security of corporate applications is a part of everyday life for Ops and DevOps professionals. Larger companies have whole teams dedicated to independent security testing, called Red Teams. These folks use various tools at their disposal to discover flaws in both applications and infrastructure. These teams often take the same approach as pen testers — external contractors hired to penetrate the company's defences. More recently, many companies are supplementing their internal…

by bo0om, Wallarm Research. Imagine a scary scenario: you open a simple HTML document, and after a little while, your proprietary files, unbeknownst to you, find their way to somebody else’s hard drive… Documents, source code, SSH keys, passwords… All the files you, the authorized user, have access to — gone. Impossible? Not quite. Some commonly used browsers may actually allow this scenario. Generally, the attack works something like this: the user opens an HTML document in a…

With all the time and resources we allocate to finding application vulnerabilities, it’s easy to forget that third-party libraries and software can introduce vulnerabilities into our applications as well. Hackers know this and try to exploit them. In this blog post we illustrate a vulnerability found within one of the LinkedIn services. The security issue was discovered in December 2015 and was fixed within 24 hours by the LinkedIn team. What is XXE…