Category

Researcher Corner

Intro: In the last post, we touched on the topic of GraphQL security. As a reminder, GraphQL is a popular alternative to REST APIs. A single article cannot encapsulate all the things one wants to know about such an interesting technology. This installment of the series will look at the first step of analyzing how well GraphQL is protected, specifically securing the GraphQL schema by disabling the introspection query, which is enabled by default. What…

By @aLLy, Wallarm Research. Hello guys, time to talk details about Wallarm FAST (Framework for Application Security Testing). It’s a new automatic web vulnerability scanning and fuzzing detection tool by Wallarm Inc. It is well suited for security researchers in enterprise Red Teams as well as for teams in charge of test automation in CI/CD environments. The main goal of the tool is to help significantly increase security test coverage and to use Wallarm learned…