Our scanner component just received a powerful update. Our monthly extensions continually improve perimeter discovery and asset checks for security issues. However, you couldn't manage those extensions.

Now, you can configure extensions in the scanner settings. Choose which extensions are relevant to your infrastructure.

Extensions are grouped by CWE. As an example, group CWE-200 Information Exposure includes detects of security issues that may expose sensitive data to the attacker. You can turn on or off any extension. For instance, activate extension to discover Git or SVN repository that is open to the world. Or disable check for the MongoDB admin panel without any authentication.

To customize your navigation, filter extensions using their tags. If you want to quickly find everything related to Java, search for its associated CVE. You can search through extensions by tags relating to technology, vulnerability type, or CVE.

Good news! Wallarm Nodes now natively support auto-scaling capabilities in AWS and GCP. Updated images are already available in cloud provider marketplaces.

Many of our customers rely on the auto-scaling capabilities to horizontally scale their apps and APIs. Auto-scaling mechanisms monitor your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.

In the earlier releases, it was already possible to automatically scale Wallarm Nodes based on the load, for example, with native support of Kubernetes. From now on, you can also dynamically add additional nodes or remove underutilized ones using the native auto-scaling mechanism of AWS and GCP.

You can scale the number of instances based on a number of standard load parameters including: the utilization of CPU, amount of inbound/outbound traffic, etc. For example, for a group of Wallarm Node instances in AWS, you can set up the following policy: If Average CPU Utilization exceeds 60% for over 5 min then add 2 more nodes.

Support of auto-scaling is available in Wallarm Node 2.12.0+. Find the images in Amazon Web Services and Google Cloud Platform.

Detailed tutorials on how to set up auto-scaling are available in the Wallarm Docs for AWS and GCP.

Wallarm nodes can operate in detection only (aka monitoring) or blocking modes. With a recent change in UI, every malicious request from the traffic is displayed with an explicit status detailing whether it was blocked or reached the application. Designed to be especially helpful for teams using individual modes for different applications and APIs.

With previous console versions, teams had to pay attention to each status code returned to the client. A 403 was the default status code if an incoming request was blocked by Wallarm node. Now, an explicit status of whether a malicious request was blocked is shown in the console. The same data is provided for attacks (groups of malicious request related to each other).