415 Brannan St, San Francisco, CA 94107

2020 © Wallarm Inc.

Ivan Novikov

CEO at Wallarm

Besides being a co-founder of Wallarm, Ivan Novikov also is:

  • provider of AI-powered application security;
  • white-hat security professional with over 12 years of experience in security services;
  • inventor of memcached injection and SSRF exploit class
  • recipient of bounty awards from Google and Facebook
  • speaker at HITB, Black Hat, and other industry events.


GraphQL is a meta-layer with built-in query language to access object-oriented data. It’s based on JSON-encoded HTTP requests with custom queries inside. Unlike REST, there is no data inside the URL.

These differences between traditional REST APIs and GraphQL ones can create challenges for security.  Legacy web application firewalls (WAFs), which rely upon features like data in the URL to identify potential threats, are unable to detect and block attacks against GraphQL APIs.

Representational state transfer (REST) APIs are the most popular type of API.  However, GraphQL is rapidly growing in popularity as a competitor to REST.

Watch a webinar

Practical Webinar  
January 7th at 11 am PST /  2 pm EST

Get practical knowledge on how to protect modern APIs with your WAF

Securing GraphQL API

December 10th at 11 am PST /  2 pm EST

Securing GraphQL API

Get practical knowledge on how to protect modern APIs with your WAF

You will be in a good company

Watch a webinarDownload Demo Deck