• Improved local data analytics: Node 6.0 replaces the Tarantool service used in the post-analytics component with a Wallarm-developed Wstore service.
• Greater code consistency: Node 6.0 replaces a number of Python components with Golang equivalents to improve performance and supportability.
• Smaller operational profile: Node 6.0 reorganizes a number of components to decrease the size of Wallarm artifacts.

We’re excited to announce that the latest Wallarm node now includes a full-fledged GraphQL parser!

With this enhancement, Wallarm significantly improves the detection of input validation attacks (e.g., SQL injections) within GraphQL requests, offering greater accuracy and minimal false positives.

Key Benefits:

• Improved detection of input validation attacks (e.g., SQL injections) 
• Detailed Parameter Insights: Extract and display values of GraphQL request parameters in API Sessions, utilizing them as Session Context Parameters. 
  

• Precise Attack Search: Precisely identify attacks in specific GraphQL request components, such as arguments, directives, and variables.

• Advanced Rule Application: Apply granular protection rules to specific GraphQL request parts. This enables fine-tuning and configuring exclusions for certain attack types in defined parts of GraphQL request

.

These capabilities are included in Wallarm node version 5.3.0+. 

Wallarm has introduced updates to the rule creation workflow, aimed at improving clarity and usability. These changes simplify the process of creating rules by dividing it into a structured, two-step approach.

Step 1: Users select the rule type, with rules now grouped into clearer, more intuitive categories.
Step 2: Users configure the parameters for the selected rule.

The rules are categorized as follows:

• Mitigation Controls – Enable and configure protection mechanisms, such as Advanced Rate Limiting, GraphQL API Protection, or a custom Virtual Patch.
• Fine-Tuning Attack Detection – Define exclusions and adjust detection behavior, disable WAAP protection for a certain application, disable specific parsers that are not required or disable detection of specific attack-types in specific parameters. 
• Change Requests/Responses – general rules for handling request/response data: add custom headers or mask sensitive information.
• API Discovery Settings – Configure API discovery parameters.

These updates aim to enhance the efficiency and clarity of rule creation, making it easier for users to implement and manage security configurations.

Read more about rules in our documentation. 

* It should be noted that the list of features may vary depending on the client’s subscriptions and user role.

Introducing Threat Replay Testing: Turn Real Attacks into Your Security Advantage

Launching January 27th, Wallarm's Threat Replay Testing (TRT) transforms your API security testing by converting actual attack attempts into comprehensive security tests. This innovative approach moves beyond traditional synthetic testing to help organizations identify and address real-world vulnerabilities.

Key Features

• Converts incoming attacks into sanitized security tests
• Automated testing in staging environments
• Comprehensive attack surface coverage through attack variation generation
• Safe payload sanitization to prevent system damage

Benefits

• Identify vulnerabilities from real attack patterns
• Reduce security team workload with automated test generation
• Maintain system stability with non-production testing
• Stay ahead of emerging threats through continuous testing

For more information, contact our sales team or visit our documentation portal.

Today we are excited to announce our new capability 

🔐 Sensitive Business Flows (SBF) & Advanced User Attribution in API Sessions

• Available in API Discovery & API Sessions: Automatically identify and tag critical endpoints related to key business functions like authentication, billing, and account management across both API Discovery and API Sessions.
• Customizable Tagging: Easily adjust and assign Sensitive Business Flows tags manually to meet your unique business requirements.

• Focused Security: Filter and prioritize the protection of your most vital API endpoints and user sessions, ensuring robust security where it matters most.
  
  

  

  👥 Advanced User Attribution in API Sessions

  • User & Role-Based Filtering: Attribute sessions to specific users and roles, enabling targeted monitoring and improved threat detection.

  • Granular Insights: Gain deeper visibility into API sessions to implement more effective analysis of user activity and take security measures faster.

    
    
    

    

    
    

    
    

    
    

    
    

Security at your API Edge

We are excited to announce the launch of our new Security Edge service! This powerful solution enables customers to easily deploy filtering nodes in geographically distributed locations, providing turnkey protection for your API landscape. 

Key Benefits:

• Hosted, Managed, Simplified

Infrastructure, deployment, and monitoring are all handled by Wallarm, reducing the resources required from the customer. Wallarm ensures that nodes are kept up to date and functional, removing maintenance requirements from customers.

• Low Latency, Lower Cost

Adding additional hops to API traffic increases latency, which in turn impacts ROI for applications. Unlike other API Security solutions, such as CDNs, Security Edge nodes can be geographically distributed at the API edge to deliver security capabilities with minimal latency. 

• Operational Visibility

Managed solutions typically trade ease-of-use for operational visibility, providing a turnkey solution, but limiting the customer’s ability to understand the operational profile of each service. With Security Edge, customers have full access to logs, events, real-time traffic metrics, eliminating the trade-off. 

Stay ahead of potential threats and ensure your APIs are secure with our new Security Edge service. 

We are excited to announce the launch of our new sensitive data detection features for the API Discovery module. This powerful new enhancement helps users identify when sensitive data, such as login credentials, financial information, personal data, and technical data, are being exposed in your APIs. Our advanced detection technology allows for easy customization with context words, making it simpler and more effective than ever to protect your sensitive information.

Key Benefits:

• Enhanced Security: Automatically detects and alerts users to exposures of sensitive data with 40+ out of the box detections, reducing the risk of data breaches.
• Regulatory Compliance: Helps ensure compliance with data protection regulations such as HIPAA, PCI, and GDPR.
• User-Friendly Customization: Easily create custom detections using context words, without the need for complex regular expressions.
• Operational Efficiency: Reduces manual monitoring efforts, freeing up resources for other critical tasks.
• Real-Time Monitoring: Continuous monitoring of API requests and responses for immediate detection and response.

Stay ahead of potential threats and ensure your data is secure with our new sensitive data detection enhancements.

In the realm of cybersecurity, the struggle is intrinsically imbalanced. Attackers need only to find a single weak point to compromise defenses, often using automated tools to pinpoint critical vulnerabilities quickly. This highlights the need for security teams to anticipate threats from a hacker's perspective and proactively anticipate and prepare for potential threats.

We are excited to introduce API Attack Surface Management (AASM), a revolutionary set of capabilities designed to empower organizations to enumerate, assess, and manage the public-facing aspects of their APIs. AASM addresses the unseen risks associated with the proliferation of APIs in modern application delivery and integration, including the risks of API leaks.

API leaks pose a significant security risk, potentially exposing sensitive information and leading to data breaches. Wallarm proactively safeguards against such risks by detecting and alerting on API secrets inadvertently leaked across public platforms like GitHub, Postman collections, SwaggerHub, and more. As an integral component of the Wallarm App and API Security platform, AASM can strengthen your security and allow you to easily block detected leaks using WAAP or the Advanced API Security solution. 

The addition of API Attack Surface Management in Wallarm’s portfolio represents a significant advancement for our customers, fortifying their security infrastructure against evolving API threats. Experience these new capabilities firsthand by requesting a trial today.

We are happy to introduce the Wallarm NGINX Ingress Controller with ARM64 support. As ARM64 architecture continues to gain prominence in server solutions, we are committed to staying at the forefront of technology to meet the evolving needs of our customers.

ARM64 architectures offer energy-efficient performance, helping organizations optimize capacity, cut compute costs, and modernize their API operations. To meet the rising demand for API security, customers seek ARM64-compatible solutions, ensuring uniform security protocols across diverse setups. Adopting a single security platform which covers both traditional x86 and ARM64 architectures lets organizations adapt to evolving needs while strengthening protection.

With Wallarm NGINX Ingress Controller now supporting ARM64 architecture, we are aligning with industry adoption and empowering our customers to leverage this cutting-edge technology for enhanced security in their API environments.

Feel free to talk with Wallarm's security experts if you'd like to learn more.

We're excited to announce that Wallarm node 4.8 is now available!

The new node’s version contains significant enhancements to our DenyList functionality, a very effective defensive measure against high-volume attacks (e.g., brute-force, path traversal, bot attacks, etc.).

In pursuit of enhancing usability and understanding of attack profiles, we gather detailed statistics about all blocked packets. Now, you can analyze not only the initial packets that led to the blocking of a particular source, but you can also see the total number of packets blocked after a source has been added to the DenyList.

This improvement will allow you to evaluate the power of attacks and more accurately analyze event statistics by various parameters. To provide a better perspective of each attack, examples of blocked packets will be preserved for every incident.

We believe this functionality will serve as a powerful tool in understanding and combating high-volume attacks. 

You can find more information about this functionality in our documentation.