We are happy to introduce the Wallarm NGINX Ingress Controller with ARM64 support. As ARM64 architecture continues to gain prominence in server solutions, we are committed to staying at the forefront of technology to meet the evolving needs of our customers.

ARM64 architectures offer energy-efficient performance, helping organizations optimize capacity, cut compute costs, and modernize their API operations. To meet the rising demand for API security, customers seek ARM64-compatible solutions, ensuring uniform security protocols across diverse setups. Adopting a single security platform which covers both traditional x86 and ARM64 architectures lets organizations adapt to evolving needs while strengthening protection.

With Wallarm NGINX Ingress Controller now supporting ARM64 architecture, we are aligning with industry adoption and empowering our customers to leverage this cutting-edge technology for enhanced security in their API environments.

Feel free to talk with Wallarm's security experts if you'd like to learn more.

We're excited to announce that Wallarm node 4.8 is now available!

The new node’s version contains significant enhancements to our DenyList functionality, a very effective defensive measure against high-volume attacks (e.g., brute-force, path traversal, bot attacks, etc.).

In pursuit of enhancing usability and understanding of attack profiles, we gather detailed statistics about all blocked packets. Now, you can analyze not only the initial packets that led to the blocking of a particular source, but you can also see the total number of packets blocked after a source has been added to the DenyList.

This improvement will allow you to evaluate the power of attacks and more accurately analyze event statistics by various parameters. To provide a better perspective of each attack, examples of blocked packets will be preserved for every incident.

We believe this functionality will serve as a powerful tool in understanding and combating high-volume attacks. 

You can find more information about this functionality in our documentation.

We're excited to unveil our revamped documentation site, designed with you in mind.

Here's what you can expect:

• A fresh look that aligns seamlessly with our brand, ensuring a consistent and reader-friendly experience across all our sites and services.
• New Home page that spotlights core platform features, providing quick and easy access tailored to your use case, ensuring a smooth start to your journey.
• Instant access to the Wallarm Playground, where you can explore Wallarm's capabilities before signing up or deploying components.

We believe these changes will simplify your interaction with our documentation and enrich your understanding of our services, whether you are a seasoned user or just starting out.

Discover the difference for yourself on our newly redesigned documentation site at https://docs.wallarm.com!

For organizations with separate business entities, partners, and managed service providers, Wallarm offers multi-tenancy, with the ability to create multiple, separate instances of the Wallarm platform under a single parent account. Now, Wallarm has refined its multi-tenancy feature by simplifying tenant creation. Users can effortlessly establish new tenants directly from the Wallarm Сonsole, instead of having to use the Wallarm API. 

This enhancement facilitates the creation of distinct Wallarm environments managed by a single parent account. Each tenant is equipped with its own administrators, ensuring the separation of duties, environments, and configurations. 

To activate multi-tenant features, please direct your request to sales@wallarm.com. For a deeper understanding, our official documentation offers extensive information on this update.

Imagine Zombie APIs as the digital world's undead. They're APIs that refuse to disappear, even when they should have. Zombie APIs might remind you of horror movies, but they're a real concern. They can expose sensitive data, such as user information or confidential records, cause compliance issues with applicable security standards or regulations, slow down application agility, and hinder the ability to adapt to changing business needs.

These lurking APIs could pose a security risk, and that's where Wallarm steps in. With the Wallarm Zombie API detection feature, you can be confident your APIs are genuinely secure.

The Wallarm solution empowers security teams to compare and verify their different API specification versions with those automatically generated by Wallarm API Discovery. This allows SecOps and Security Analysts to spot any inconsistencies that might signal the presence of Zombie APIs. This way, they can swiftly act to minimize potential security threats.

Don't wait until it's too late. Begin utilizing the Wallarm Zombie API detection feature today and shield your API infrastructure from possible attacks!

You can find more detailed information about this feature in our documentation.

Effective protection against automated threats requires a combination of defensive measures, including the integration of statistical and behavioral analyses along with straightforward measures such as brute-force triggers, rate limiting, and blocklists.

In situations such as mass attacks, the same hosts might be deployed against various targets, giving rise to phenomena such as “Bot-Net-as-a-Service.” The most efficient way to counteract this is through the automated exchange and blocking of malicious feeds.

We've introduced a new source type known as "Malicious IPs," which comprises hundreds of thousands of addresses identified in diverse Internet attacks. You can quickly gauge the level of attacks from these IPs and block them if necessary. The “Malicious IPs” feed updates automatically, ensuring that most active bot-nets are blocked without impacting regular users.

We are excited to announce that the Wallarm End-to-End API Security solution has taken another significant step forward with the addition of Orphan API Detection to the API Discovery module.

An Orphan API is an endpoint listed in your API specification, but unused by any applications. Unused APIs like these can lead to unnecessary problems, including:

• Inefficient resource allocation causes system inefficiencies.
• Difficulty in maintaining your API infrastructure.
• Lack of visibility into your API infrastructure.
• Violation of API design principles, resulting in issues with maintainability, scalability, and security.

With this solution, DevSecOps and Development teams can now identify Orphan APIs, whether they're external or internal. Wallarm allows you to compare and validate API specifications with those automatically generated by Wallarm API Discovery. This comparison empowers you to optimize resource allocation and significantly improve the efficiency of your API infrastructure.

You can find more detailed information about this feature in our documentation.

We are happy to announce the addition of new filters for event search queries in Wallarm. Now you can easily search for malicious requests that have been detected based on specific criteria:

• Search by Wallarm node UUID: You can search for malicious requests detected by a particular Wallarm node using the ‘node_uuid:’ prefix followed by the UUID of the desired node. Using this filter is valuable when you need to validate the protection status for every node within a cluster. You can include multiple ‘node_uuid:’ prefixes in your search query. For example:

attacks incidents today node_uuid: 13c431b2-3d2a-12cf-9909-408418077431 node_uuid: 1244b531-734a-1822-ac84-b28ccdac1b56

• Search by Regex-based attack indicator rule: You can search for malicious requests detected using a Regex-based attack indicator rule by using the ‘custom_rule’ parameter. The event details will contain a link to the triggered rule. With this parameter, you can easily find malicious requests detected by your rules and verify their correctness. Additionally, you can also exclude similar malicious requests from the search results using an exclamation point (the  ‘!’ symbol). For example:

attacks incidents today !custom_rule

For more information on search query formats, please refer to the Wallarm documentation.

We are excited to announce a new feature in the API Discovery module that will help you better monitor your endpoints. With this update, you gain deeper insights into your endpoints' usage, including: 

• the number of requests made over the last 7 days;
• the number of requests made in the last 24 hours; 
• the average number of requests per second (RPS) in the last 24 hours.

Gaining visibility into Shadow API activity and risky endpoints is crucial for security investigations. Our new endpoint request statistics feature provides the necessary visibility to investigate such endpoints activity and ensure the security of your API infrastructure.

You can find more detailed information about endpoint request statistics in our documentation.

We are pleased to announce Wallarm End-to-End API Security integration with the MuleSoft Anypoint Platform, a powerful integration solution that enables businesses to connect their data, devices, and applications seamlessly. The Anypoint Platform delivers an application network, bridging on-premise and cloud deployments through API-led connectivity.

To facilitate this integration, Wallarm utilizes a policy specifically tailored for the MuleSoft Anypoint Platform. Now you can easily map your Wallarm policies to any API registered on the Anypoint Platform, seamlessly delivering API traffic to Wallarm nodes and protecting all your API endpoints from API attacks and abuse.

Find more information on how to leverage this integration in Wallarm documentation.