In the latest version of Wallarm Node, we integrated a new attack detection engine that will work with a combination of current detects. Libdetection is a unique open-source project (https://github.com/wallarm/libdetection), that provides a signature-free payloads detection by implementing a syntax analysis and the base theory of grammars. Libdetection uses a formal model for attack detection, which allows it to make a decision based on the type of attack. This approach allows us to implement the…
The main things that prevent enabling security solutions like WAF/RASP/IDS/IPS in a blocking mode are false positives. Probably the second one is their inline performance and additional latency, but still. As a cloud-native WAF vendor, we at Wallarm are actively checking our products for false positives to continuously deliver better detection quality for our customers. One of the ways to address false positives is to detect it early before the real customer will be blocked.…
Security products have their own security issues, which can affect products that they were designed to secure. It’s not a recursive loop, but the reality. WAFs there are not an exclusion. You can remember CloudFlare self-DoS that happened last year (https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/) because of an issue in RegExp signature they applied. Or Imperva’s data breach that disclosures API keys of their clients https://krebsonsecurity.com/2019/08/cybersecurity-firm-imperva-discloses-breach/ The latest thing with ModSecurity (https://www.secjuice.com/modsecurity-vulnerability-cve-2019-19886/) is another one example of how it’s…
What do you do if you need to protect your website from XSS attacks? Most people patch it and get a WAF. This is common knowledge and there are plenty of places where you could go to get basic protection for your websites. From a free solution to solutions costing hundreds of thousands of dollars, most of them will claim they protect from OWASP Top 10 threats. So is there a real difference between WAFs?…