An important focus of the team in June is to improve the detection of XSS, RCE and Time-Based SQL Injections. There have also been improvements in detection of automated scanning tools—Wallarm can now detect scans conducted by Qualys tool.

Furthermore, the following scanner extensions have been implemented:

• Detection of GOlang profiler
• Detection of RCE Primefaces (CVE-2017-1000486)
• Detect of Apache Tomcat AJP Vulnerability (CVE-2020-1938)
• Detection of insecure NoSQL Tarantool exposed with no authentication
• Apache Zookeeper Detect Available w/o Authentication (CVE-2018-8012)

Improvements are available for all Wallarm customers. No additional update steps required.