How to prepare
Read the article
Since 1991, Web Application Firewall, commonly referred to as WAF, has become one of the most common application security technologies…
Download the tool
An open-source Go project to test different WAF for detection logic and bypasses.
How Wallarm WAF works
Unlike default cloud WAFs, Wallarm automates protection for apps and APIs with no manual tuning and investments into ongoing maintenance allowing the team to focus on different tasks. It scales. It works.
Wallarm protects hundreds of Fortune 500 organizations
415 Brannan St, San Francisco, CA 94107
(415)940-7077
request@wallarm.com
2020 © Wallarm Inc.
Ivan Novikov
CEO at Wallarm
Ivan Novikov is CEO of Wallarm, a provider of AI-powered application security. He is also a white hat security professional with over 12 years of experience in security services and products. He is an inventor of memcached injection and SSRF exploit class as well as a recipient of bounty awards from Google, Facebook, and others. Ivan has recently been a speaker at HITB, Black Hat, and other industry events.
Speaker
Share:
Majority of the fintech, health tech, and e-commerce companies have had WAF/RASP/NGWAF and API security solutions installed for years to protect their APIs, but also due to PCI DSS, SOC2, and HIPAA compliance requirements, bot mitigation, and OWASP Top-10 attack prevention needs.
During the workshop, an audience will learn and practice in the following topics:
- How to run OWASP Top-10 attacks tests
- How to test API security threats prevention solutions for REST/SOAP/XMLRPC, and GraphQL
- How to test application security solutions on false positives;
- Understanding blocking and false positives statistics and preparing custom reports
Requirements for the lab:
- Windows/Linux or macOS machine with Docker installed
- Lab session will be based on open-source tools available for an audience
