Wallarm’s Kubernetes Ingress controller is designed to help protect your Kubernetes cluster against cyberattacks. Its built-in web application firewall (WAF) is capable of detecting and blocking a wide range of common attacks against Kubernetes deployments. The previous article in this series discussed how to set up Wallarm’s Ingress controller to protect your Kubernetes cluster. However, there are a few configuration settings that you may need to modify in order to ensure optimal protection and performance…
Introduction to GraphQL Representational state transfer (REST) APIs are the most popular type of API. However, GraphQL is rapidly growing in popularity as a competitor to REST. GraphQL is a meta-layer with built-in query language to access object-oriented data. It’s based on JSON-encoded HTTP requests with custom queries inside. Unlike REST, there is no data inside the URL. These differences between traditional REST APIs and GraphQL ones can create challenges for security. Legacy web application…
Wallarm has always stood out from its competitors when it comes to supporting modern stacks. For a long time Wallarm has been the only product to provide comprehensive protection for WebSockets-based web applications. Once again, Wallarm is glad to be the pioneer and add support for the gRPC protocol. The newly added WAF for gPRC feature is available to all the customers that use the latest 2.14 version of Wallarm Node. Adoption of gPRC Many…
In addition to the same risks that web applications are exposed to, APIs are faced with a number of unique security risks and vulnerabilities. This blogs provides an overview of the new OWASP API Top 10 risk project.
So, what lies ahead? Let’s turn over our virtual coffee cups and read the coffee grounds. …. report also shows that as many as 60% of all hacker attacks are using a compromised web application to gain unauthorized access or steal data.
DevSecOps is more than a corporate buzzword. As a combined term, DevSecOps bears out the interdependence of responsibilities that lead to security transformation from a fixed set of inflexible tools into security as a process.