Imagine Zombie APIs as the digital world's undead. They're APIs that refuse to disappear, even when they should have. Zombie APIs might remind you of horror movies, but they're a real concern. They can expose sensitive data, such as user information or confidential records, cause compliance issues with applicable security standards or regulations, slow down application agility, and hinder the ability to adapt to changing business needs.

These lurking APIs could pose a security risk, and that's where Wallarm steps in. With the Wallarm Zombie API detection feature, you can be confident your APIs are genuinely secure.

The Wallarm solution empowers security teams to compare and verify their different API specification versions with those automatically generated by Wallarm API Discovery. This allows SecOps and Security Analysts to spot any inconsistencies that might signal the presence of Zombie APIs. This way, they can swiftly act to minimize potential security threats.

Don't wait until it's too late. Begin utilizing the Wallarm Zombie API detection feature today and shield your API infrastructure from possible attacks!

You can find more detailed information about this feature in our documentation.

Effective protection against automated threats requires a combination of defensive measures, including the integration of statistical and behavioral analyses along with straightforward measures such as brute-force triggers, rate limiting, and blocklists.

In situations such as mass attacks, the same hosts might be deployed against various targets, giving rise to phenomena such as “Bot-Net-as-a-Service.” The most efficient way to counteract this is through the automated exchange and blocking of malicious feeds.

We've introduced a new source type known as "Malicious IPs," which comprises hundreds of thousands of addresses identified in diverse Internet attacks. You can quickly gauge the level of attacks from these IPs and block them if necessary. The “Malicious IPs” feed updates automatically, ensuring that most active bot-nets are blocked without impacting regular users.

We are excited to announce that the Wallarm End-to-End API Security solution has taken another significant step forward with the addition of Orphan API Detection to the API Discovery module.

An Orphan API is an endpoint listed in your API specification, but unused by any applications. Unused APIs like these can lead to unnecessary problems, including:

• Inefficient resource allocation causes system inefficiencies.
• Difficulty in maintaining your API infrastructure.
• Lack of visibility into your API infrastructure.
• Violation of API design principles, resulting in issues with maintainability, scalability, and security.

With this solution, DevSecOps and Development teams can now identify Orphan APIs, whether they're external or internal. Wallarm allows you to compare and validate API specifications with those automatically generated by Wallarm API Discovery. This comparison empowers you to optimize resource allocation and significantly improve the efficiency of your API infrastructure.

You can find more detailed information about this feature in our documentation.

We are happy to announce the addition of new filters for event search queries in Wallarm. Now you can easily search for malicious requests that have been detected based on specific criteria:

• Search by Wallarm node UUID: You can search for malicious requests detected by a particular Wallarm node using the ‘node_uuid:’ prefix followed by the UUID of the desired node. Using this filter is valuable when you need to validate the protection status for every node within a cluster. You can include multiple ‘node_uuid:’ prefixes in your search query. For example:

attacks incidents today node_uuid: 13c431b2-3d2a-12cf-9909-408418077431 node_uuid: 1244b531-734a-1822-ac84-b28ccdac1b56

• Search by Regex-based attack indicator rule: You can search for malicious requests detected using a Regex-based attack indicator rule by using the ‘custom_rule’ parameter. The event details will contain a link to the triggered rule. With this parameter, you can easily find malicious requests detected by your rules and verify their correctness. Additionally, you can also exclude similar malicious requests from the search results using an exclamation point (the  ‘!’ symbol). For example:

attacks incidents today !custom_rule

For more information on search query formats, please refer to the Wallarm documentation.

We are excited to announce a new feature in the API Discovery module that will help you better monitor your endpoints. With this update, you gain deeper insights into your endpoints' usage, including: 

• the number of requests made over the last 7 days;
• the number of requests made in the last 24 hours; 
• the average number of requests per second (RPS) in the last 24 hours.

Gaining visibility into Shadow API activity and risky endpoints is crucial for security investigations. Our new endpoint request statistics feature provides the necessary visibility to investigate such endpoints activity and ensure the security of your API infrastructure.

You can find more detailed information about endpoint request statistics in our documentation.

We are pleased to announce Wallarm End-to-End API Security integration with the MuleSoft Anypoint Platform, a powerful integration solution that enables businesses to connect their data, devices, and applications seamlessly. The Anypoint Platform delivers an application network, bridging on-premise and cloud deployments through API-led connectivity.

To facilitate this integration, Wallarm utilizes a policy specifically tailored for the MuleSoft Anypoint Platform. Now you can easily map your Wallarm policies to any API registered on the Anypoint Platform, seamlessly delivering API traffic to Wallarm nodes and protecting all your API endpoints from API attacks and abuse.

Find more information on how to leverage this integration in Wallarm documentation.

Wallarm API Abuse Prevention addresses one of the most critical API threats: malicious bots. Wallarm can now accurately identify and mitigate API bot activity, protecting your system from API abuse, account takeover, credential stuffing, price scraping, and more, while preserving the best possible user experience for your legitimate API users. API Abuse Prevention can save businesses from potential lost revenue, protect customer information, and prevent reputational damage.

Wallarm employs AI-driven anomaly detection algorithms to identify unusual patterns in API requests, user sessions, or data access. These algorithms learn from normal user behavior and can flag potential API abuse in real-time, allowing organizations to take proactive measures to mitigate threats.

Some of the advantages of our approach include: 

• It Provides Detection and Protection. You can guard against the blind spot in your API defenses by recognizing and differentiating between legitimate vs. malicious automated behaviors and blocking those likely to cause harm based on your unique scenarios.
• It’s Integrated. Our API Abuse Prevention capability is delivered as part of the Wallarm End-to-End API Security solution, providing you with a single platform to protect your entire API estate so you do not have to add another tool / workflow into your process.
• It’s Customizable. You can assemble detectors and thresholds to customize protections appropriate for your API estate.

If you're interested in learning more about Wallarm's API Abuse Prevention and how it can protect your business, please visit our website or contact our sales team for more information.

We are excited to introduce our new All-in-One installer, designed to streamline and standardize the process of installing Wallarm as a dynamic module for NGINX in various environments.

The All-in-One installer autonomously identifies your operating system and NGINX versioning and installs all the requisite dependencies, saving you valuable time and minimizing the chance for error.

To ensure the smooth functioning of the Wallarm Node, the installer places all required components into a self-contained environment, eliminating any risk of dependency conflicts and paving the way for effortless future updates.

The All-in-One installer supports the following installation environments:

• Debian 10, 11 and 12.x;
• Ubuntu LTS 18.04, 20.04, 22.04;
• CentOS 7, 8, 9 Stream;
• Alma/Rocky Linux 9, Oracle Linux 8.x, Redos, SuSe Linux; 
• and other popular Linux distros.

Furthermore, the All-in-One installer allows you to try out the beta version of the Wallarm Node for the ARM64 architecture.

We’re confident this enhancement will provide you a more seamless installation experience, and we look forward to hearing your feedback. 

A description of the new installation option can be found in our documentation.

According to Gartner's March 2022 API survey, a staggering 98% of organizations currently use or plan to use internal APIs, up from 88% in 2019. Additionally, 90% of organizations utilize or have plans to utilize private APIs provided by partners, up from 68% in 2019.

Focusing solely on protecting your public-facing APIs leaves a significant blind spot in your API security posture. Our latest findings, detailed in the Q1-2023 API ThreatStats™ report infographic, confirm this fact.

In our analysis of publicly released API vulnerabilities during Q1-2023, we observe an increase in the number of vulnerabilities, with severity levels consistently in the High range. However, as past reports have revealed, it's what lies beneath the surface that can have a substantial impact.

For detailed insights, we encourage you to explore the complete report on the Wallarm blog. 

We are excited to announce the integration of Wallarm End-to-End API Security with Amazon Web Services (AWS) S3. We understand that investigating incidents can be a complex and time-consuming process. With this new integration, Wallarm can now export detected malicious requests to AWS S3 for in-depth analysis and security incident investigation. 

This integration enables security analysts to:

• Receive detected malicious requests from Wallarm to AWS S3
• Conduct detailed analysis and investigations of security incidents
• Correlate data from different sources to gain a comprehensive view of security events

By integrating Wallarm API Security with AWS S3, we are making it easier for security teams to detect and respond to security incidents quickly and effectively.

You can find more detailed information on this capability in our documentation.