We are happy to announce the addition of new filters for event search queries in Wallarm. Now you can easily search for malicious requests that have been detected based on specific criteria:

• Search by Wallarm node UUID: You can search for malicious requests detected by a particular Wallarm node using the ‘node_uuid:’ prefix followed by the UUID of the desired node. Using this filter is valuable when you need to validate the protection status for every node within a cluster. You can include multiple ‘node_uuid:’ prefixes in your search query. For example:

attacks incidents today node_uuid: 13c431b2-3d2a-12cf-9909-408418077431 node_uuid: 1244b531-734a-1822-ac84-b28ccdac1b56

• Search by Regex-based attack indicator rule: You can search for malicious requests detected using a Regex-based attack indicator rule by using the ‘custom_rule’ parameter. The event details will contain a link to the triggered rule. With this parameter, you can easily find malicious requests detected by your rules and verify their correctness. Additionally, you can also exclude similar malicious requests from the search results using an exclamation point (the  ‘!’ symbol). For example:

attacks incidents today !custom_rule

For more information on search query formats, please refer to the Wallarm documentation.

We are excited to announce a new feature in the API Discovery module that will help you better monitor your endpoints. With this update, you gain deeper insights into your endpoints' usage, including: 

• the number of requests made over the last 7 days;
• the number of requests made in the last 24 hours; 
• the average number of requests per second (RPS) in the last 24 hours.

Gaining visibility into Shadow API activity and risky endpoints is crucial for security investigations. Our new endpoint request statistics feature provides the necessary visibility to investigate such endpoints activity and ensure the security of your API infrastructure.

You can find more detailed information about endpoint request statistics in our documentation.

We are pleased to announce Wallarm End-to-End API Security integration with the MuleSoft Anypoint Platform, a powerful integration solution that enables businesses to connect their data, devices, and applications seamlessly. The Anypoint Platform delivers an application network, bridging on-premise and cloud deployments through API-led connectivity.

To facilitate this integration, Wallarm utilizes a policy specifically tailored for the MuleSoft Anypoint Platform. Now you can easily map your Wallarm policies to any API registered on the Anypoint Platform, seamlessly delivering API traffic to Wallarm nodes and protecting all your API endpoints from API attacks and abuse.

Find more information on how to leverage this integration in Wallarm documentation.

Wallarm API Abuse Prevention addresses one of the most critical API threats: malicious bots. Wallarm can now accurately identify and mitigate API bot activity, protecting your system from API abuse, account takeover, credential stuffing, price scraping, and more, while preserving the best possible user experience for your legitimate API users. API Abuse Prevention can save businesses from potential lost revenue, protect customer information, and prevent reputational damage.

Wallarm employs AI-driven anomaly detection algorithms to identify unusual patterns in API requests, user sessions, or data access. These algorithms learn from normal user behavior and can flag potential API abuse in real-time, allowing organizations to take proactive measures to mitigate threats.

Some of the advantages of our approach include: 

• It Provides Detection and Protection. You can guard against the blind spot in your API defenses by recognizing and differentiating between legitimate vs. malicious automated behaviors and blocking those likely to cause harm based on your unique scenarios.
• It’s Integrated. Our API Abuse Prevention capability is delivered as part of the Wallarm End-to-End API Security solution, providing you with a single platform to protect your entire API estate so you do not have to add another tool / workflow into your process.
• It’s Customizable. You can assemble detectors and thresholds to customize protections appropriate for your API estate.

If you're interested in learning more about Wallarm's API Abuse Prevention and how it can protect your business, please visit our website or contact our sales team for more information.

We are excited to introduce our new All-in-One installer, designed to streamline and standardize the process of installing Wallarm as a dynamic module for NGINX in various environments.

The All-in-One installer autonomously identifies your operating system and NGINX versioning and installs all the requisite dependencies, saving you valuable time and minimizing the chance for error.

To ensure the smooth functioning of the Wallarm Node, the installer places all required components into a self-contained environment, eliminating any risk of dependency conflicts and paving the way for effortless future updates.

The All-in-One installer supports the following installation environments:

• Debian 10, 11 and 12.x;
• Ubuntu LTS 18.04, 20.04, 22.04;
• CentOS 7, 8, 9 Stream;
• Alma/Rocky Linux 9, Oracle Linux 8.x, Redos, SuSe Linux; 
• and other popular Linux distros.

Furthermore, the All-in-One installer allows you to try out the beta version of the Wallarm Node for the ARM64 architecture.

We’re confident this enhancement will provide you a more seamless installation experience, and we look forward to hearing your feedback. 

A description of the new installation option can be found in our documentation.

According to Gartner's March 2022 API survey, a staggering 98% of organizations currently use or plan to use internal APIs, up from 88% in 2019. Additionally, 90% of organizations utilize or have plans to utilize private APIs provided by partners, up from 68% in 2019.

Focusing solely on protecting your public-facing APIs leaves a significant blind spot in your API security posture. Our latest findings, detailed in the Q1-2023 API ThreatStats™ report infographic, confirm this fact.

In our analysis of publicly released API vulnerabilities during Q1-2023, we observe an increase in the number of vulnerabilities, with severity levels consistently in the High range. However, as past reports have revealed, it's what lies beneath the surface that can have a substantial impact.

For detailed insights, we encourage you to explore the complete report on the Wallarm blog. 

We are excited to announce the integration of Wallarm End-to-End API Security with Amazon Web Services (AWS) S3. We understand that investigating incidents can be a complex and time-consuming process. With this new integration, Wallarm can now export detected malicious requests to AWS S3 for in-depth analysis and security incident investigation. 

This integration enables security analysts to:

• Receive detected malicious requests from Wallarm to AWS S3
• Conduct detailed analysis and investigations of security incidents
• Correlate data from different sources to gain a comprehensive view of security events

By integrating Wallarm API Security with AWS S3, we are making it easier for security teams to detect and respond to security incidents quickly and effectively.

You can find more detailed information on this capability in our documentation.

Shadow APIs are undocumented or unmonitored public APIs that pose a significant security risk to an organization. These may include third-party APIs and services that the company uses but does not track, or in-house developed tools for internal or customer use. The new Wallarm API specification comparison feature allows security and operations teams to discover Shadow APIs.

Shadow APIs put businesses at risk, as attackers can exploit them to gain access to critical systems, steal valuable data, or disrupt operations, further compounded by the fact that APIs often act as gatekeepers to critical data and that a range of OWASP API vulnerabilities can be exploited to bypass API security. Recent reports highlight that the majority of businesses have Shadow APIs that are vulnerable to attacks, and cybercriminals are increasingly targeting these weaknesses.

With Wallarm's solution, SecOps and Security Analyst teams can now identify Shadow APIs, including external, internal, and 3rd party developed APIs. The solution gives security teams the ability to compare and validate their API specifications with the ones automatically built by Wallarm API Discovery. In this way, the SecOps and Security Analysts can detect any discrepancies that may indicate the presence of Shadow APIs, allowing them to quickly take action to mitigate potential security risks.

Don't wait until it's too late - start using Wallarm's new Shadow API detection feature today and safeguard your API infrastructure from potential attacks!

Wallarm, a leading provider of application security solutions, offers new integration with Jira, a popular issue and project tracking tool. With this integration, Wallarm will automatically create issues in these service for any vulnerabilities that it detects, making tracking and managing security issues easier.

By integrating Wallarm with Jira, SecOps teams can streamline their security operations and make it easier to identify and resolve vulnerabilities quickly. The automatic creation of events means that security teams no longer need to manually transfer information between services, saving time and reducing the risk of errors. This integration helps SecOps stay on top of their security posture and take action to address vulnerabilities before they can be exploited.

Wallarm is dedicated to helping customers secure their applications and data by providing tools such as the integration with Jira. Wallarm is making it easier for you to leverage the power of issue tracking tools to manage security operations, ensuring that vulnerabilities are identified and resolved quickly and efficiently.

You can find more detailed information about this integration in our documentation.

Wallarm End-to-End API Security solution provides comprehensive protection against the OWASP API Security Top-10 threats. With the new OWASP API Security Top-10 dashboards provide you with complete visibility into the security state of your APIs, easy identification of your most critical security risks, and immediate ability to apply protective measures. 

The OWASP API Security Top-10 list of most commonly seen API threats helps to assess your API infrastructure and prioritize security risks. Additionally, it contains a set of recommendations for mitigating the identified risks. The main problem for defenders is that even with this list, it's incredibly hard to build an API security program, conduct ongoing assessments of different threats, and have adequate security controls and tooling in place. Therefore, defenders must determine which risks are the most critical for their situation and what measures are needed to mitigate those risks. 

Implementing a robust API Security program becomes much easier with the new OWASP API Security Top-10 dashboards from Wallarm. The automated security report enables you to pinpoint the most critical risks in your APIs, thoroughly analyze all associated events, and effortlessly apply appropriate security controls to mitigate them. By combining the strengths of complete visibility with real-time threat prevention, this feature reduces the risk of emerging threats, your workload, and your security costs. 

The new dashboards support both the current version of the OWASP API Security Top-10 2019 as well as the upcoming OWASP API Security 2023 (RC) release, anticipated to be launched later this year. For more detailed information on protection against the OWASP API Security Top-10 threats, please refer to our documentation.