Tag

Appsec

Browsing

Envoy, the new darling of the DevOps community, performs the role of a service and edge proxy. With advanced features such as timeouts, rate limiting, circuit breaking, load balancing, retries, stats, logging, and distributed tracing are required to handle network failures in a fault tolerant and reliable way it’s a solid choice as an API gateway and/or to manage communications among microservices in order to ensure application performance. Envoy’s out-of-process architecture can be used with…

By @aLLy , Wallarm Research Hello guys, time to talk details about Wallarm FAST (Framework for Application Security Testing). It’s a new automatic web vulnerability scanning and fuzzing detection tool by Wallarm Inc. It is well suited for security researchers in enterprise Red Teams as well as for teams in charge of test automation in CI/CD environments. The main goal of the tool is to help significantly increase security test coverage and to use Wallarm learned…

Wallarm is excited to announce the native availability of Wallarm node on Azure. While in the past Wallarm customers in Azure environment had to install Wallarm nodes as dynamic modules (manually) into their Azure instances with NGINX, the new release allows deployment from a pre-configured image from the Azure marketplace. Wallarm’s release on Azure marketplace comes at an opportune time for businesses exploring a diversified environment or expanding their DevOps infrastructure into Azure. Wallarm’s NG…

In a recent article published by Security Boulevard, we talked about OWASP Top 10 Risk classification and overlap. In this post, we will examine tools that allegedly help address these risks. You may be at more risk than you’ve been lead to believe. The following is an OWASP Risk Overlap diagram (based on the Security Boulevard article) will be used to illustrate different threat intelligence and detection mechanisms. The following color-coded visual aids help understand…

We have recently released a new version of Wallarm Node. After your next update window, you will see some new features your DevOps team is certain to like. Firstly, your monitoring and reporting got a lot livelier. Starting with this version in addition to JSON format metrics can be exported in Prometheus compatible format. As before with Collectd, information on the number of requests, number of attacks, number of blocked attacks and a variety of…

Security and Other considerations. Part 2 By Johan Nordstrom To be able to keep up with the development of new security threats, companies need to rethink their security strategies. The basics must be to decrease complexity and use automated solutions when possible. There has been a change in the balance. In the past, attacks and defenses were somewhat in balance in the sense that hackers manually hacked their way into companies and the targeted organizations security…