Category

Wallarm News

Category

In the recent post (https://lab.wallarm.com/340-weak-jwt-secrets-you-should-check-in-your-code/), we presented a wallarm/jwt-secrets GitHub repository with a 340 JSON Web Token secrets available publicly. Using this data, it’s possible to check if you or your developers forgot to change default secrets or used a weak 3rd party library with it. However, the project was not stalled and nowadays we are happy to announce a huge update, which includes more than 1800 new JWT secrets grabbed from public sources like…

JSON Web Token (JWT) is the data format with bill-in signature and encryption mechanisms that are often used by modern web applications to store user sessions and application context, including authentication by SSO and meta-data. Usually, you can find JWT tokens in an Authentication Bearer HTTP headers for authenticated API calls. As Wikipedia says: “The tokens are signed either using a private secret or a public/private key. For example, a server could generate a token…

A lot of IT Security Officers responsible for driving the SOC 2 certification in their companies are probably wondering how the switch to mostly remote workspaces will affect their SOC 2 landscape.  I would say that there are two types of companies affected (or not affected) by the coronavirus: Companies that initially not relied on the security of individual workstations, and heavily used the office network infrastructure to provide necessary vichto and protection for sensitive…

Figma is a powerful tool for interface development and prototyping. We use it to design our products and to create graphic layouts for marketing and other purposes. One of the most significant advantages of Figma is that it allows you to write custom plugins enabling third-party developers to expand the already extensive range of the platform’s capabilities. Let’s discuss one of such plugins. For new brochures, our product designer came up with an interesting concept:…

Wallarm has always stood out from its competitors when it comes to supporting modern stacks. For a long time Wallarm has been the only product to provide comprehensive protection for WebSockets-based web applications. Once again, Wallarm is glad to be the pioneer and add support for the gRPC protocol. The newly added WAF for gPRC feature is available to all the customers that use the latest 2.14 version of Wallarm Node.  Adoption of gPRC Many…