Tag

REST Application Security

In the previous article, we described the vulnerability discovered in the Yii2 Framework 2.0.35. In this piece, you’ll find out how to prevent it. It’s a highly recommended read, especially for web developers who want to quickly check the rule settings and fix a detected vulnerability. Yii is an object-oriented component framework that implements the MVC design pattern (learn more on Wiki). We used Yii2 Framework 2.0.35 as a demo configuration. How a seemingly…

Introduction to GraphQL

Representational state transfer (REST) APIs are the most popular type of API. However, GraphQL is rapidly growing in popularity as a competitor to REST. GraphQL is a meta-layer with a built-in query language to access object-oriented data. It’s based on JSON-encoded HTTP requests with custom queries inside. Unlike REST, there is no data inside the URL. These differences between traditional REST APIs and GraphQL ones can create challenges for security. Legacy web application…

GraphQL is an alternative to the REST concept that allows working with data in a more structured and object-oriented way. This technology is widely known and is used by many enterprise companies such as Facebook, Walmart, and Intuit, among others. Whether you know it or not, GraphQL has a significant impact on your business. Many products you rely on, such as GitLab, New Relic, and WordPress, use GraphQL under the covers. In this series of articles,…

Automatically Detect + Parse and Set Your Own Rules

A unique Wallarm AI feature is its ability to automatically detect and parse complicated API protocols and then set up security rules based on specific data or parameters deep inside the API. Once parsed, the system creates the rules based both on where in the HTTP request a specific set of data or a parameter is found and on the actual data within the parameter. The API parameters…