Wallarm API Security Wallarm updates logo

Wallarm updates

Discover the latest features, improvements, and updates in Wallarm API Security

Subscribe to Updates

Labels

  • All Posts
  • API Security
  • WAAP
  • ANNOUNCEMENT
  • IMPROVEMENT
  • FIX
  • FAST

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • August 2021
  • April 2021
  • March 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • October 2019
  • August 2019
  • April 2019
IMPROVEMENT
a year ago

Improved Left Menu for Enhanced Navigation

We're excited to announce a significant update in our interface that will make your experience smoother and more intuitive. As the Wallarm platform has grown and evolved, the number of features available has reached a point where navigation can be challenging. We’ve listened to your feedback, and it's with great pleasure that we unveil our redesigned left menu, tailored to specific use cases and streamlined for ease of use.

With this update, you can focus on what's important without losing quick access to the full range of platform capabilities. The new menu is designed to guide you effortlessly to the tools and information you need, when you need them, enhancing your productivity and user experience.

For our customers with basic subscriptions, we're offering a simple way to request a free trial of Advanced API Security. This is your opportunity to explore additional features such as API Discovery, API Abuse Prevention, Automatic BOLA Protection, and API Security Testing. Gain full access to our platform's functionality without the need to install any additional components in your infrastructure.

We're committed to continuously improving and adapting our platform to meet your needs. That's why your input is invaluable and we would be delighted if you share your impressions of these changes using emojis under this post or send us your feedback.

Avatar of authorWallarm team
API Security
a year ago

Wallarm API ThreatStats™ Report Q3’2023 Insight

This in-depth Q3’2023 API ThreatStatsTM report emphasizes the need for immediate strategic actions for cybersecurity practitioners to combat sophisticated emerging threats. The API ThreatStatsTM report highlights vulnerabilities not captured by traditional benchmarks frameworks like the OWASP API Top 10. While these frameworks are invaluable, they are not exhaustive.
At Wallarm, we advocate for a dynamic, real-time approach to identifying severe threats that static frameworks might miss.

Key Findings:

  • 239 API vulnerabilities discovered in this past (Q3) quarter.
  • 33% associated with AuthZ, AuthN and Access Control (AAA) issues.
  • Breaches suffered by leading global companies highlighted in the report underscores
    the essential role of API leak prevention within corporate security planning.

Practical Steps & Actionable Recommendations 

  1. Thoroughly review the Q3’2023 ThreatStats report, focusing on major API security concerns and highlights.
  2. Investigate potentially overlooked CVEs relevant to your environment.
  3. Start by using the OWASP API Top 10 as a foundational benchmark.
  4. Prioritize and act on the pivotal findings presented in the Wallarm ThreatStats report.

Leverage Wallarm's Expertise: 

Utilize our tools and research for a comprehensive API security approach. Access detailed insights from our full Q3’2023 API Security ThreatStatsTM report or read the key highlights in the Executive Summary. Also, for personalized guidance, engage with one of Wallarm’s seasoned security experts.

Avatar of authorWallarm team
API Security
a year ago

Introducing OpenAPI Security Testing

We're excited to announce that Wallarm OpenAPI Security Testing is now available!

Our new solution allows you to perform dynamic vulnerability testing of APIs based on OpenAPI Specifications. Customers can use the API specification discovered with API Discovery or upload one of their own. This new testing capability is designed for easy integration via Docker, and with flexible testing policies to maximize effectiveness. Users can integrate testing directly into their CI/CD pipeline. Within the testing policies, users can configure the list of endpoints to be tested and specific vulnerabilities to be assessed in APIs, authorization, and other metadata. The test report contains information about which endpoint contains which vulnerability, including a sample request for manual validation. 

We’re excited for customers to extend their Wallarm use cases with this testing feature that allows you to more effectively eliminate API vulnerabilities from your environment. More information is available in the documentation. 

Avatar of authorWallarm team
ANNOUNCEMENT
a year ago

Introducing Wallarm NGINX Ingress Controller for ARM64

We are happy to introduce the Wallarm NGINX Ingress Controller with ARM64 support. As ARM64 architecture continues to gain prominence in server solutions, we are committed to staying at the forefront of technology to meet the evolving needs of our customers.

ARM64 architectures offer energy-efficient performance, helping organizations optimize capacity, cut compute costs, and modernize their API operations. To meet the rising demand for API security, customers seek ARM64-compatible solutions, ensuring uniform security protocols across diverse setups. Adopting a single security platform which covers both traditional x86 and ARM64 architectures lets organizations adapt to evolving needs while strengthening protection.

With Wallarm NGINX Ingress Controller now supporting ARM64 architecture, we are aligning with industry adoption and empowering our customers to leverage this cutting-edge technology for enhanced security in their API environments.

Feel free to talk with Wallarm's security experts if you'd like to learn more.

Avatar of authorWallarm team
ANNOUNCEMENT
a year ago

Wallarm Node 4.8: Comprehensive statistics for high-volume attacks


We're excited to announce that Wallarm node 4.8 is now available!

The new node’s version contains significant enhancements to our DenyList functionality, a very effective defensive measure against high-volume attacks (e.g., brute-force, path traversal, bot attacks, etc.).

In pursuit of enhancing usability and understanding of attack profiles, we gather detailed statistics about all blocked packets. Now, you can analyze not only the initial packets that led to the blocking of a particular source, but you can also see the total number of packets blocked after a source has been added to the DenyList.

This improvement will allow you to evaluate the power of attacks and more accurately analyze event statistics by various parameters. To provide a better perspective of each attack, examples of blocked packets will be preserved for every incident.

We believe this functionality will serve as a powerful tool in understanding and combating high-volume attacks. 

You can find more information about this functionality in our documentation.

Avatar of authorWallarm team
ANNOUNCEMENT
a year ago

Introducing the Redesigned Documentation Site!

We're excited to unveil our revamped documentation site, designed with you in mind.

Here's what you can expect:

  • A fresh look that aligns seamlessly with our brand, ensuring a consistent and reader-friendly experience across all our sites and services.
  • New Home page that spotlights core platform features, providing quick and easy access tailored to your use case, ensuring a smooth start to your journey.
  • Instant access to the Wallarm Playground, where you can explore Wallarm's capabilities before signing up or deploying components.

We believe these changes will simplify your interaction with our documentation and enrich your understanding of our services, whether you are a seasoned user or just starting out.

Discover the difference for yourself on our newly redesigned documentation site at https://docs.wallarm.com!

Avatar of authorWallarm team
IMPROVEMENT
a year ago

Streamlined tenant creation with Wallarm's multitenancy

For organizations with separate business entities, partners, and managed service providers, Wallarm offers multi-tenancy, with the ability to create multiple, separate instances of the Wallarm platform under a single parent account. Now, Wallarm has refined its multi-tenancy feature by simplifying tenant creation. Users can effortlessly establish new tenants directly from the Wallarm Сonsole, instead of having to use the Wallarm API. 

This enhancement facilitates the creation of distinct Wallarm environments managed by a single parent account. Each tenant is equipped with its own administrators, ensuring the separation of duties, environments, and configurations. 

To activate multi-tenant features, please direct your request to sales@wallarm.com. For a deeper understanding, our official documentation offers extensive information on this update.

Avatar of authorWallarm team
API SecurityIMPROVEMENT
a year ago

Don't let your APIs become zombies

Imagine Zombie APIs as the digital world's undead. They're APIs that refuse to disappear, even when they should have. Zombie APIs might remind you of horror movies, but they're a real concern. They can expose sensitive data, such as user information or confidential records, cause compliance issues with applicable security standards or regulations, slow down application agility, and hinder the ability to adapt to changing business needs.

These lurking APIs could pose a security risk, and that's where Wallarm steps in. With the Wallarm Zombie API detection feature, you can be confident your APIs are genuinely secure.

The Wallarm solution empowers security teams to compare and verify their different API specification versions with those automatically generated by Wallarm API Discovery. This allows SecOps and Security Analysts to spot any inconsistencies that might signal the presence of Zombie APIs. This way, they can swiftly act to minimize potential security threats.

Don't wait until it's too late. Begin utilizing the Wallarm Zombie API detection feature today and shield your API infrastructure from possible attacks!

You can find more detailed information about this feature in our documentation.

Avatar of authorWallarm team
IMPROVEMENT
a year ago

Block bot-net activity with "Malicious IP" feeds

Effective protection against automated threats requires a combination of defensive measures, including the integration of statistical and behavioral analyses along with straightforward measures such as brute-force triggers, rate limiting, and blocklists.

In situations such as mass attacks, the same hosts might be deployed against various targets, giving rise to phenomena such as “Bot-Net-as-a-Service.” The most efficient way to counteract this is through the automated exchange and blocking of malicious feeds.

We've introduced a new source type known as "Malicious IPs," which comprises hundreds of thousands of addresses identified in diverse Internet attacks. You can quickly gauge the level of attacks from these IPs and block them if necessary. The “Malicious IPs” feed updates automatically, ensuring that most active bot-nets are blocked without impacting regular users.

Avatar of authorWallarm team
IMPROVEMENT
a year ago

Say Goodbye to Orphan APIs with Wallarm API Discovery

We are excited to announce that the Wallarm End-to-End API Security solution has taken another significant step forward with the addition of Orphan API Detection to the API Discovery module.

An Orphan API is an endpoint listed in your API specification, but unused by any applications. Unused APIs like these can lead to unnecessary problems, including:

  • Inefficient resource allocation causes system inefficiencies.
  • Difficulty in maintaining your API infrastructure.
  • Lack of visibility into your API infrastructure.
  • Violation of API design principles, resulting in issues with maintainability, scalability, and security.

With this solution, DevSecOps and Development teams can now identify Orphan APIs, whether they're external or internal. Wallarm allows you to compare and validate API specifications with those automatically generated by Wallarm API Discovery. This comparison empowers you to optimize resource allocation and significantly improve the efficiency of your API infrastructure.

You can find more detailed information about this feature in our documentation.

Avatar of authorWallarm team