Wallarm API Security Wallarm updates logo

Wallarm updates

Discover the latest features, improvements, and updates in Wallarm API Security

Subscribe to Updates

Labels

  • All Posts
  • API Security
  • WAAP
  • ANNOUNCEMENT
  • IMPROVEMENT
  • FIX
  • FAST

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • August 2021
  • April 2021
  • March 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • October 2019
  • August 2019
  • April 2019
IMPROVEMENT
a year ago

A New Way to Add Users

We’ve updated Wallarm’s user management function with the ability to invite a new user via an invitation link. This new capability allows administrators to produce an invitation link that can be shared with unregistered users so they can sign up for their specific client. 



If provided, the link will populate the user’s email address automatically, and create a user within the client once the new user has submitted their name and password. Additionally, the link can be set with an expiration time and specific user role as well. The invite by link functionality is also available via the Wallarm API for automation use cases. 

Avatar of authorWallarm team
API SecurityWAAPIMPROVEMENT
a year ago

Evaluate your security posture with NIST CSF dashboards

We are excited to introduce our latest new feature: NIST CSF 2.0 Dashboards for the Wallarm platform. These dashboards offer a high-level overview of Wallarm security controls that comply with the NIST CSF version 2.0, empowering teams to effectively assess the security level of their APIs. Utilizing the NIST Cybersecurity Framework, our product now delivers comprehensive insights into your security posture, aligning with industry standards and best practices. This feature is designed to guide you through identifying, protecting, detecting, and responding to cybersecurity threats, ensuring a resilient infrastructure. Leverage this new dashboard to assess and improve your API and application security controls.

You can find more detailed information about this feature in our documentation.

Avatar of authorWallarm team
API SecurityWAAPIMPROVEMENT
a year ago

Wallarm Node 4.10.1

Following a successful release of our 4.10 node including several version upgrades and a real-time credential stuffing detection, we are now excited to announce the first update.

This update addresses a number of minor vulnerability findings related to our Docker image and provides support for future feature releases. In this node update, the following vulnerability findings were addressed: CVE-2020-36327, CVE-2023-37920, CVE-2021-41816, CVE-2021-33621, CVE-2021-41819, CVE-2021-41817, CVE-2020-14343, CVE-2021-31799, CVE-2021-28965, CVE-2023-28755, CVE-2020-25613

For detailed information and instructions, please refer to our documentation.

Avatar of authorWallarm team
API SecurityIMPROVEMENT
a year ago

A new way to detect credential stuffing

In the ever-evolving landscape of cybersecurity, we're thrilled to announce an addition to the Wallarm arsenal: Credential Stuffing detection. Criminals are deploying automated bots using stolen credentials that aim to exploit overlapping logins across services. Users' tendency to reuse passwords makes businesses susceptible to this type of unauthorized access, fraud, and trust erosion. As digital footprints expand, defending against Credential Stuffing is now a business imperative.

Wallarm offers multiple means to detect credential stuffing, including detection of brute force attempts and behavioral detection with API Abuse Prevention. The new credential stuffing detection feature gives security analysts even more control. Every instance of a known-compromised credential in use can now be spotted. Users can: 

  • Configure specific authentication endpoints for credential stuffing monitoring.
  • Leverage recommendations from API Discovery to automatically identify endpoints used for authentication. 
  • Configure triggers and notifications for credential stuffing events.

Wallarm, supported by a massive database of over 850 million compromised passwords, helps organizations quickly identify when user accounts have been compromised. This new feature expands Wallarm’s ability to protect against credential stuffing.

As businesses expand their online footprint, encompassing both WebApps and APIs, the need for a robust defense against Credential Stuffing has never been more crucial. Wallarm doesn't just meet this need; it exceeds expectations. 

Credential Stuffing detection is available with the Advanced API Security subscription and in brand new Wallarm node 4.10. You can find more detailed information about this feature in our documentation.

Avatar of authorWallarm team
API SecurityWAAP
a year ago

Introducing Wallarm Node 4.10

Wallarm has released a new version of the Wallarm node. Node 4.10 is designed to support new features, but also includes a number of updates. 

This version of the Wallarm node includes an optimized and more secure NGINX-based Docker image. Full details are included in our updated documentation. Some key changes are:

  • The Docker image is now built on Alpine Linux.
  • Updated to the latest stable version of NGINX, 1.24.0, replacing the previous 1.14.x version. 
  • Resolves a number of vulnerabilities, including the HTTP/2 Rapid Reset Vulnerability (CVE-2023-44487)
  • Support for processors with ARM64 architecture
  • The Docker image is now built using our previously announced all-in-one installer.
Avatar of authorWallarm team
API Security
a year ago

API Discovery Dashboard, Now Including Rogue APIs

Following the release of rogue API detection for shadow, orphan, and zombie APIs, we’re happy to announce the inclusion of rogue APIs in the API Discovery Dashboard. 

Users can now view the summary of rogue APIs discovered in the API Discovery Dashboard, along with an easy click-through to view the specific details for each category in the API Discovery interface. 

Comparing API specifications with data from API Discovery can help you identify and eliminate risks from unused and undocumented endpoints. 

Avatar of authorWallarm team
API Security
a year ago

Server-Side Template Injection in Confluence Data Center and Server (CVE-2023-22527)

Product Changelog

Wallarm has added rules for detecting exploitation of a critical Server-Side Template Injection (SSTI) vulnerability in Confluence Data Center and Server (CVE-2023-22527). The vulnerability allows an unauthenticated attacker to inject OGNL expressions into the Confluence instance and, thus, execute arbitrary code in the system. Since the nuclei template for vulnerability detection was published, we have observed multiple scanning attempts in client infrastructure. 

We highly recommend upgrading the Confluence Data Center and Server as soon as possible. If your confluence installation is exposed to the Internet, we highly recommend detaching the system from the Internet as soon as possible and checking the server for malicious Indicators-of-Compromise. 

Wallarm clients can also utilize and configure the platform's Virtual Patch functionality to block the exploitation attempts if nodes are configured in monitoring (not-blocking) mode. 

References:

NVD NIST: https://nvd.nist.gov/vuln/detail/CVE-2023-22527 

Vendor’s Advisory: https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html

Vendor’s FAQ: https://confluence.atlassian.com/kb/faq-for-cve-2023-22527-1332810917.html

Nuclei Template: https://github.com/projectdiscovery/nuclei-templates/pull/8982?ref=blog.projectdiscovery.io 

Avatar of authorWallarm team
IMPROVEMENT
a year ago

Instant Notifications on Shadow, Zombie, and Orphan APIs

We're thrilled to unveil a new feature in our API Security platform, the ability to receive notifications about detected Shadow, Zombie, and Orphan APIs. 

These Rogue APIs pose a significant risk to your organization. They could be Shadows hiding in plain sight, Zombies consuming resources, or Orphans left unattended. Rogue APIs can expose sensitive data, hog bandwidth, and leave your application vulnerable.

 Starting now, you can receive notifications about the newly detected Rogue APIs directly in your SIEM, SOAR, Log management system, or even your favorite messaging app. In each notification you can find all the necessary information, like the API host where the threat was spotted, the API specification used, and more.

Stay one step ahead of potential threats with our Rogue API Notifications feature! Your APIs deserve the best defense, and we're here to deliver.

You can find more information about this functionality in our documentation.

Avatar of authorWallarm team
IMPROVEMENT
a year ago

Introducing Dark Theme – A Delight for Your Eyes!

We've got some exciting news that's easy on the eyes – literally! Say hello to our brand new Dark Theme feature, a sleek and comfortable visual option now available in Wallarm. We know those long hours spent safeguarding digital realms can be tough on your eyes, so we've designed this theme with you in mind. It's not just about the cool, modern look; it's about reducing eye strain and making your experience with our product more comfortable, especially during those late-night monitoring sessions.

Simply click on your user profile icon in the upper right corner of the user interface to switch between light and dark themes. The Dark Theme offers a visually appealing interface with subtle contrasts and dark tones, significantly reducing screen glare. We believe this small change can make a big difference in your daily routine, enhancing focus and reducing fatigue. As always, your feedback is invaluable – let us know how this new feature works for you.

Avatar of authorWallarm team
API SecurityWAAP
a year ago

Protection for Remote Code Execution in Apache Struts2 CVE-2023-50164

Wallarm has added rules for detecting exploitation of a Remote Code Execution vulnerability in Apache Struts2 (CVE-2023-50164). Wallarm clients are now able to observe any detected exploitation attempts by searching for CVE-2023-50164 in the Events/Attacks section.

About the vulnerability

This vulnerability exists in the framework’s handling of file upload parameters which can be abused to upload a malicious file, such as a web shell. Successful exploitation provides the ability to execute arbitrary code on the server. The vulnerability has a 9.8 CVSS Score (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). 

The vulnerability can be exploited by unauthenticated, remote attackers and doesn’t require advanced technical knowledge. Public exploits for the vulnerability have been published on GitHub (exploit#1 and exploit#2).

Due to the prevalence of the Apache Struts2 framework across enterprise infrastructure and its public exposure on Internet-facing web servers, the vulnerability is being actively exploited and has received significant attention in the cybersecurity community. Just days after publishing, it became clear that this vulnerability would be one of the most popular and noticeable vulnerabilities of the year. 

It is highly recommended that organizations update the Apache Struts2 framework as soon as possible (vulnerable versions range from 2.5.0 to 2.5.32 and 6.0.0 to 6.3.0). 

Avatar of authorWallarm team