Wallarm node 4.4 - checking JSON Web Token strength
We are pleased to announce the release of Wallarm node 4.4
Here is a list of the main features which will be available when you upgrade to the latest Wallarm node version:
Checking JSON Web Token strength
JSON Web Token (JWT) is one of the most popular authentication methods. Unfortunately, JWTs may contain many weaknesses which might be missed or forgotten about during development. Any of these will allow attackers access to your application, for example, with administrator rights.
Wallarm node now detects weaknesses in JWTs and records the corresponding vulnerabilities when:
- JWT is not signed
- JWT is signed using a compromised key
Libdetection library enabled by default
Wallarm introduced a fully grammar-based attack detection library libdetection a few years back and since then commited to improve and enhance it. First introduced as a feature for the power-users, it's then became available for everyone.
Starting node 4.4 it's by default enabled for all the customers. This is a major improvement as our core thing of getting the most accurate attack detection, with near-zero false positives. Focus on what matters, don't waste time on the tuning - we back you up.
Supported installation options
- Added support for Ubuntu 22.04 LTS (jammy)
- Dropped support for Debian 10.x (buster) for Wallarm to be installed as the module for either NGINX stable or NGINX Plus
Wallarm node 4.4 incorporates dozens of other improvements. A more detailed changelog and instructions on safe upgrade from previous versions are published in the official documentation.
If you have any questions, feel free to contact our support team at firstname.lastname@example.org.