Web application is one of the top three attack patterns and the number one source of data breach for financial services firms.

2019 Data Breach Investigations Report, Verizon, April 2019

How Wallarm works

Unlike default cloud WAFs, Wallarm automates protection for apps and APIs with no manual tuning and investments into ongoing maintenance allowing the team to focus on different tasks. It scales. It works.

Watch our quick demo videos

Wallarm Protects Leading 

Financial 
Services Companies

Now, the market continues to grow. In-game purchases are a niche form of in-app purchases. Xsolla has also grown into a global company working with more than 2,000 game project developers and publishers worldwide. Xsolla operates:

  • As Merchant and Seller of Record and Seller for major gaming entities like Valve, Twitch, Ubisoft, Epic Games, PUBG, and more.
  • In 200+ geographies  and 20+ languages
  • With 700+ payment methods and 130+ currencies 
  • Automatic transactions that are 100% PCI DSS compliant
  • Compliance with regional laws, taxations, and transaction-related fees
  • Localized UI, multilingual support

415 Brannan St, San Francisco, CA 94107
(415)940-7077
request@wallarm.com



2020 © Wallarm Inc.

Christian Folini is a security engineer and open source enthusiast. He brings more than ten years of experience with ModSecurity configuration in high security environments, DDoS defense and threat modeling. Christian Folini is the author of the second edition of the ModSecurity Handbook and the best known teacher on the subject. He co-leads the OWASP ModSecurity Core Rule Set project and serves as the program chair of the "Swiss Cyber Storm" conference.

Kavya is an award-winning cybersecurity professional with a deep interest in immersive and emerging technologies. She is also the founder of a non-profit, XR Safety Initiative (XRSI). Kavya is constantly exploring new technologies to solve current cybersecurity challenges. She has been named one of the Top Cybersecurity influencers for two consecutive years 2018-2019 by IFSEC Global.

Christian Folini

Partner & Consultant at Netnea.com. Cyber Security expert. Program chair of the Swiss Cyber Storm conference

Kavya Pearlman

Global Cybersecurity Strategist, Wallarm

Dashboard overview

Dissecting one attack

API Deep Request Inspection

Scanning the attack surface

Speakers

1. Modern AppSec challenges for Financial organizations

Besides OWASP Top 10 and other threats that web-apps typically face, fintech also sees different kinds of API Abuse, fraud, and credential stuffing (ATO).

2. How to protect assets in a multi-cloud environment

Infrastructures distributed across different CDNs and apps hosted in multiple regions/clouds create a whole new set of challenges for security leaders and practitioners.

3. Why legacy security tools fail modern threats

Massive loads of traffic. A high velocity of development. Strict requirements for latency and false positives. A new setting makes traditional tools both inefficient and harmful for business.

Share:

In addition to traditional challenges, evolving landscape of threats, massive shifts in the the tech stack add a few more pains to DevOps and security teams. Wallarm helps gain real-time insight and control over all of their digital assets that operate at the web layer while maintaining compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). 

I need to protect both legacy apps and modern APIs that we're moving from private cloud to public cloud providers.

Our apps suffer from account takeovers and different kinds of automated API abuse.

My old WAF constantly requires tedious tuning and team resources. Still, I can’t really use it in a blocking mode.

Parts of my business need isolated consoles to manage WAF for their assets.

I need to find a product that my DevOps / Infrastructure team would vet for usage in our cloud native environment and massive load.

I need to stay in compliance with PCI regulations.

Wallarm offers a single source of control for the security of websites, applications, and APIs, hosted across multiple cloud environments and Kubernetes clusters.

Unlike traditional WAFs, Wallarm doesn’t need manual tuning and investments into ongoing maintenance to minimize false positives. It just works.

Wallarm protects against credential stuffing and API abuse.

Give every team a level of visibility and control over the protection of their assets while keeping an option to manage the entire portfolio from a single dashboard.

DevOps teams like Wallarm as they can automate deployment, updates and monitoring with their existing tools such as Terraform and Ansible. It also meets the strictest requirements for added latency.

Wallarm strengthens security posture and keeps the traffic on premises while helping to meet PCI compliance. Wallarm is SOC2 Type II compliant.

Key pains and benefits

Wallarm vs Traditional WAFs

Webinar  May 28th at 10 am GMT+1 / 11 am CET

Modern Security challenges 
for European Financial organizations

Sign Up for Webinar

☝️Limited seats available

Addressing Modern Security challenges for FinTech with OWASP

Webinar | May 7th 11:00am PST (2:00 pm EST)

1. Modern AppSec challenges for the FinTech companies

Besides OWASP Top 10 and other threats that web-apps typically face, fintech also see a lot of specific trouble due to different kinds of API Abuse, fraud, and credential stuffing (ATO).

2. How to protect assets in multi-cloud environment

Infrastructures distributed across different CDNs and apps hosted in multiple regions/clouds create a whole new set of challenges for security leaders and practitioners.

3. Why do legacy security tools fail modern threats

Massive loads of traffic. A high velocity of development. Strict requirements for latency and false positives. A new setting makes traditional tools not only inefficient but sometimes harmful for business.

Share:

Talks with OWASP series 

Wallarm helped Xsolla to up their security game without reinventing the wheel. It provided the ease of use they needed with intelligent threat-detection and critically helped them with compliance.

Xsolla is able to extend security to its customers with a 100% guarantee of liability for player payments in any country and currency it serves. With Wallarm deployed and people trained across Xsolla's custom applications and distributed infrastructure, Xsolla is able to satisfy PCI DSS compliance requirements confidently.

The biggest takeaway for Xsolla was that Wallarm is an incredibly easy-to-use product. No sacrifice with its comprehensive security. They love the machine learning aspect, which allows them to focus on growth. The interface is truly clear and intuitive, and there were no problems training anyone at their company. Switching to Wallarm's enterprise solution with support meant minimal resource allocation from Xsolla. Once tuned initially, it just worked.  Instant security upgrade.

As a fintech company in the gaming space, one of Xsolla’s most important priorities is protecting its customers’ funds and safeguarding its customers’ data loyalty.

Webinar  May 28th at 10 am GMT+1 / 11 am CET

Register for the webinar to learn more about Modern Security challenges for Financial organizations

Reserve a seat

Case Study

Scaling E-Commerce Security for the Video Game Business Engine Speaks To Scaling Any Fintech Security  

Xsolla

Ian Johnson

Security Solutions Architect, Wallarm

Ian has spent the last ten years working at the market-leading vendors in the application delivery and vulnerability detection. Helping customers with the protection of their web applications and APIs using scanning tools and a variety of Web Application Firewalls

Wallarm is an Enterprise solution with full support and doesn't require continuous attention. Once the system is turned on, all we do is look at the reports, review any rare false positives, and feed the information back into the system. Each of our custom self-written applications have their own loads and traffic profiles.

Konstantin Golubitsky, Xsolla CTO

Traditional WAF

Wallarm

Blocking mode with near-zero false positives for the apps that update every day

Scalable deployment in multi-cloud and cloud-native / Kubernetes environments 

Robust API protection for JSON/XML based APIs, websockets, gRPC, graphQL

Watch a webinarDownload Demo Deck