Wallarm API Security Wallarm updates logo

Wallarm updates

Discover the latest features, improvements, and updates in Wallarm API Security

Subscribe to Updates

Labels

  • All Posts
  • API Security
  • WAAP
  • ANNOUNCEMENT
  • Security Edge
  • IMPROVEMENT
  • FIX
  • Security Testing
  • AI Security
  • AI Hypervisor
  • Infrastructure Discovery

Jump to Month

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • August 2021
  • April 2021
  • March 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • October 2019
  • August 2019
  • April 2019
Introducing the New Attacks Interface
API SecurityANNOUNCEMENT
a week ago

Introducing the New Attacks Interface

Wallarm is pleased to announce our new Attacks interface.

There’s nothing to install. The new interface will be automatically added to your existing dashboard.

Designed to match the way security teams investigate threats, the new experience makes it easier to identify attacks, spot patterns, and drill into the details that matter.

What's new

Interactive Dashboard
Navigate attack trends and spot anomalies across your traffic. Apply filters directly from charts, tables, and statistics to quickly narrow the scope of your investigation.

Customizable Views
Save views with your preferred columns, filters, time range, and grouping. Create dedicated dashboards for specific attack types, applications, hosts, or incidents.

Attack Investigation Flow
Drill into any attack to inspect request-level details, including source IP, host, URI, payload, parameters, classifications, headers, and the full raw request.

Interactive Request Grouping
Group attacking requests by attack type, source IP, host, path, or a custom combination to reveal patterns that are difficult to spot one request at a time.

Customizable Export
Export attack data using your selected filters, columns, time range, and grouping. Tailor exports for incident response, reporting, compliance, or offline analysis.

Avatar of authorCeleste Kinswood
ANNOUNCEMENTAI SecurityAI HypervisorInfrastructure Discovery
a month ago

Introducing the Wallarm AI Control Platform

Your API security is already covered. What's changed is what's behind those APIs. AI agents are making decisions, accessing data, and calling external services right now, and most security teams can't see any of it. Not because they're not paying attention, but because no tool was built to show them.

Today that changes. We're launching the Wallarm AI Control Platform: two products that close the loop from estate-wide discovery through runtime enforcement through continuous compliance evidence. No new vendor to onboard. It extends the platform you already run.

What's shipping today

Infrastructure Discovery

Connect your AWS accounts once and get a continuously updated inventory of everything in your estate. EC2, VPC topology, EKS clusters, Lambda functions, API Gateway, IAM, and Bedrock models and agents, across every account and every region, in one searchable table.

  • Cross-account discovery via IAM role assumption, no write permissions required
  • Live relationship graph with blast-radius traversal and attack-path analysis
  • AWS Security Hub findings sync, placed on the graph node they affect with full asset context
  • Field-level drift detection between every scan, with CloudTrail creator attribution on every asset
  • Customer-authored detection and triage rules in Common Expression Language
  • Scheduled and on-demand scans; policy audit log for every triage decision

AI Hypervisor

A Kubernetes DaemonSet that instruments every AI workload at runtime via a mutating admission webhook, with zero application code changes. Label a namespace, and coverage begins within minutes. Works across Python, Go, Node.js, Java, Ruby, and generic containers.

  • Parses every major model provider: Anthropic, OpenAI, AWS Bedrock, Azure OpenAI, Google Gemini, and more
  • Attributes every LLM call back to the originating user or session, across internal service hops
  • Real-time sensitive data detection: credit cards, SSNs, passport numbers, API keys, JWT tokens
  • Session kill switch by user subject or W3C trace ID, enforced at the kernel, no restart required
  • Agent behavior certificates that pin and enforce what each agent is permitted to do
  • Continuous compliance report: AI inventory, coverage heatmap, session logs, PII egress records
  • SIEM, SOAR, and ticketing integrations for findings and policy violations

EU AI Act enforcement starts in August 2026. If that's on your radar, AI Hypervisor generates the compliance evidence you'll need continuously, not on demand when an audit appears. Getting it running now means you won't be assembling spreadsheets in July.

Learn more in our documentation for AI Hypervisor and Infrastructure Discovery, or request a demo. 

Avatar of authorWallarm team
API SecurityANNOUNCEMENT
7 months ago

Security Update: CVE-2025-55182 — Remote Code Execution in React Server Components

Update: The vulnerability is being actively exploited in the wild. To protect customers who aren’t using blocking mode across all apps and APIs, we rolled out a virtual patch that blocks exploitation of CVE-2025-55182 regardless of whether customers use blocking or monitoring mode. Reach out to support if you want to opt out.

A critical flaw (CVE-2025-55182) in React Server Components was publicly disclosed together with a working PoC. We are already seeing active exploitation attempts, including early scans and payload variants.

Wallarm Protection

Wallarm provides protection against attacks leveraging this CVE out of the box. We started detecting and blocking early exploitation attempts immediately after disclosure. Additionally, Wallarm has deployed new detection rules specifically targeting malicious RSC requests and PoC-derived payload patterns.

Summary & Technical Details

The vulnerability allows attackers to send malformed RSC metadata and tampered component streams, which can lead to:

  • Unauthorized access to server-side data
  • Manipulation of serialized RSC payloads
  • Potential remote code execution depending on application logic

Impact

Successful exploitation may result in data exposure, privilege escalation, or server-side execution in vulnerable setups.

Recommendation

Update React to the latest patched release as soon as it becomes available.

Avatar of authorWallarm team
Introducing Node 6.0
ANNOUNCEMENT
a year ago

Introducing Node 6.0

We're excited to release a significant new version of the Wallarm node. Node version 6.0 introduces a number of technical improvements that improve supportability and lay the foundation for future features.
  • Improved local data analytics: Node 6.0 replaces the Tarantool service used in the post-analytics component with a Wallarm-developed Wstore service.
  • Greater code consistency: Node 6.0 replaces a number of Python components with Golang equivalents to improve performance and supportability.
  • Smaller operational profile: Node 6.0 reorganizes a number of components to decrease the size of Wallarm artifacts.
These changes are integral to the sustainable growth and performance of the Wallarm node. In addition, they pave the way for exciting new features that are in development.
Avatar of authorWallarm team
API SecurityANNOUNCEMENTIMPROVEMENT
a year ago

Full-Fledged GraphQL Parser

We’re excited to announce that the latest Wallarm node now includes a full-fledged GraphQL parser!

With this enhancement, Wallarm significantly improves the detection of input validation attacks (e.g., SQL injections) within GraphQL requests, offering greater accuracy and minimal false positives.

Key Benefits:

  • Improved detection of input validation attacks (e.g., SQL injections) 
  • Detailed Parameter Insights: Extract and display values of GraphQL request parameters in API Sessions, utilizing them as Session Context Parameters. 

  • Precise Attack Search: Precisely identify attacks in specific GraphQL request components, such as arguments, directives, and variables.

  • Advanced Rule Application: Apply granular protection rules to specific GraphQL request parts. This enables fine-tuning and configuring exclusions for certain attack types in defined parts of GraphQL request

.

These capabilities are included in Wallarm node version 5.3.0+. 


Avatar of authorWallarm team
ANNOUNCEMENTIMPROVEMENT
a year ago

Enhanced Rule Creation Workflow for Improved Usability

Wallarm has introduced updates to the rule creation workflow, aimed at improving clarity and usability. These changes simplify the process of creating rules by dividing it into a structured, two-step approach.

Step 1: Users select the rule type, with rules now grouped into clearer, more intuitive categories.
Step 2: Users configure the parameters for the selected rule.

The rules are categorized as follows:

  • Mitigation Controls – Enable and configure protection mechanisms, such as Advanced Rate Limiting, GraphQL API Protection, or a custom Virtual Patch.
  • Fine-Tuning Attack Detection – Define exclusions and adjust detection behavior, disable WAAP protection for a certain application, disable specific parsers that are not required or disable detection of specific attack-types in specific parameters. 
  • Change Requests/Responses – general rules for handling request/response data: add custom headers or mask sensitive information.
  • API Discovery Settings – Configure API discovery parameters.

These updates aim to enhance the efficiency and clarity of rule creation, making it easier for users to implement and manage security configurations.

Read more about rules in our documentation. 

* It should be noted that the list of features may vary depending on the client’s subscriptions and user role.

Avatar of authorWallarm team
ANNOUNCEMENT
a year ago

Threat Replay Testing

Introducing Threat Replay Testing: Turn Real Attacks into Your Security Advantage

Launching January 27th, Wallarm's Threat Replay Testing (TRT) transforms your API security testing by converting actual attack attempts into comprehensive security tests. This innovative approach moves beyond traditional synthetic testing to help organizations identify and address real-world vulnerabilities.

Key Features

  • Converts incoming attacks into sanitized security tests
  • Automated testing in staging environments
  • Comprehensive attack surface coverage through attack variation generation
  • Safe payload sanitization to prevent system damage

Benefits

  • Identify vulnerabilities from real attack patterns
  • Reduce security team workload with automated test generation
  • Maintain system stability with non-production testing
  • Stay ahead of emerging threats through continuous testing

For more information, contact our sales team or visit our documentation portal.

Avatar of authorWallarm team
API SecurityANNOUNCEMENT
a year ago

Sensitive Business Flow Identification & User Attribution

Today we are excited to announce our new capability 

🔐 Sensitive Business Flows (SBF) & Advanced User Attribution in API Sessions

  • Available in API Discovery & API Sessions: Automatically identify and tag critical endpoints related to key business functions like authentication, billing, and account management across both API Discovery and API Sessions.
  • Customizable Tagging: Easily adjust and assign Sensitive Business Flows tags manually to meet your unique business requirements.
  • Focused Security: Filter and prioritize the protection of your most vital API endpoints and user sessions, ensuring robust security where it matters most.

    👥 Advanced User Attribution in API Sessions

    • User & Role-Based Filtering: Attribute sessions to specific users and roles, enabling targeted monitoring and improved threat detection.
    • Granular Insights: Gain deeper visibility into API sessions to implement more effective analysis of user activity and take security measures faster.









Avatar of authorWallarm team
ANNOUNCEMENT
a year ago

Product Announcement: Security Edge Service

Security at your API Edge

We are excited to announce the launch of our new Security Edge service! This powerful solution enables customers to easily deploy filtering nodes in geographically distributed locations, providing turnkey protection for your API landscape. 


Key Benefits:

  • Hosted, Managed, Simplified

Infrastructure, deployment, and monitoring are all handled by Wallarm, reducing the resources required from the customer. Wallarm ensures that nodes are kept up to date and functional, removing maintenance requirements from customers.

  • Low Latency, Lower Cost

Adding additional hops to API traffic increases latency, which in turn impacts ROI for applications. Unlike other API Security solutions, such as CDNs, Security Edge nodes can be geographically distributed at the API edge to deliver security capabilities with minimal latency. 

  • Operational Visibility

Managed solutions typically trade ease-of-use for operational visibility, providing a turnkey solution, but limiting the customer’s ability to understand the operational profile of each service. With Security Edge, customers have full access to logs, events, real-time traffic metrics, eliminating the trade-off. 


Stay ahead of potential threats and ensure your APIs are secure with our new Security Edge service. 




Avatar of authorWallarm team
API SecurityANNOUNCEMENT
a year ago

Product Announcement: Sensitive Data Detection Enhancements

We are excited to announce the launch of our new sensitive data detection features for the API Discovery module. This powerful new enhancement helps users identify when sensitive data, such as login credentials, financial information, personal data, and technical data, are being exposed in your APIs. Our advanced detection technology allows for easy customization with context words, making it simpler and more effective than ever to protect your sensitive information.



 

Key Benefits:

  • Enhanced Security: Automatically detects and alerts users to exposures of sensitive data with 40+ out of the box detections, reducing the risk of data breaches.
  • Regulatory Compliance: Helps ensure compliance with data protection regulations such as HIPAA, PCI, and GDPR.
  • User-Friendly Customization: Easily create custom detections using context words, without the need for complex regular expressions.
  • Operational Efficiency: Reduces manual monitoring efforts, freeing up resources for other critical tasks.
  • Real-Time Monitoring: Continuous monitoring of API requests and responses for immediate detection and response.

 

Stay ahead of potential threats and ensure your data is secure with our new sensitive data detection enhancements.



Avatar of authorWallarm team