Tag

Authentication

Browsing

A lot of information about detected malicious requests is already available in the Wallarm console UI. However, the search functionality of the Wallarm UI does not provide full visibility into every type of potential attack or full details of a particular alert. If this level of visibility is desired, a script can use the Wallarm API to extract this data and send it to one of a number of different targets. This article provides an…

JSON Web Token (JWT) is a data format with built-in signature and encryption mechanisms that is often used by modern web applications to store user sessions and application context, including authentication by SSO and metadata. Usually, you can find JWT tokens in Authentication Bearer HTTP headers for authenticated API calls. As Wikipedia says: “The tokens are signed either using a private secret or a public/private key. For example, a server could generate a token…

An engineering POV into everyday vulnerability. The everyday things you rely on may leave you vulnerable to attack. And it may not be the things themselves, but what is hiding inside. Are your IoT devices, printers, and otherwise friendly, functional helpers vectors for data breaches? We have to look into the tiny software component embedded in millions of machines to understand why their security is often inadequate. This is the story of Appweb: a web…