Wallarm API Security Wallarm updates logo

Wallarm updates

Discover the latest features, improvements, and updates in Wallarm API Security

Subscribe to Updates

Labels

  • All Posts
  • API Security
  • WAAP
  • ANNOUNCEMENT
  • IMPROVEMENT
  • FIX
  • FAST

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • March 2022
  • February 2022
  • December 2021
  • November 2021
  • October 2021
  • August 2021
  • April 2021
  • March 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • October 2019
  • August 2019
  • April 2019
API SecurityIMPROVEMENT
2 months ago

Improved SSO Provisioning

We’re excited to announce the launch of our improved Single Sign-On (SSO) Provisioning—a better way to manage users and permissions in Wallarm. This new enhancement to the platform’s existing SSO support allows customers to manage users and roles from within their SSO provider. 

Benefits at a Glance:

  • Centralized Control: Manage all user access from one place.
  • Faster Onboarding: Seamlessly add and update users via your SSO provider.
  • Align groups in your SSO provider with Wallarm roles. Every new user added to an SSO group will automatically receive appropriate access to Wallarm!

You can read more in the documentation. To activate SSO Provisioning, contact the Wallarm support team.

Avatar of authorWallarm team
API SecurityANNOUNCEMENTIMPROVEMENT
3 months ago

Full-Fledged GraphQL Parser

We’re excited to announce that the latest Wallarm node now includes a full-fledged GraphQL parser!

With this enhancement, Wallarm significantly improves the detection of input validation attacks (e.g., SQL injections) within GraphQL requests, offering greater accuracy and minimal false positives.

Key Benefits:

  • Improved detection of input validation attacks (e.g., SQL injections) 
  • Detailed Parameter Insights: Extract and display values of GraphQL request parameters in API Sessions, utilizing them as Session Context Parameters. 

  • Precise Attack Search: Precisely identify attacks in specific GraphQL request components, such as arguments, directives, and variables.

  • Advanced Rule Application: Apply granular protection rules to specific GraphQL request parts. This enables fine-tuning and configuring exclusions for certain attack types in defined parts of GraphQL request

.

These capabilities are included in Wallarm node version 5.3.0+. 


Avatar of authorWallarm team
ANNOUNCEMENTIMPROVEMENT
3 months ago

Enhanced Rule Creation Workflow for Improved Usability

Wallarm has introduced updates to the rule creation workflow, aimed at improving clarity and usability. These changes simplify the process of creating rules by dividing it into a structured, two-step approach.

Step 1: Users select the rule type, with rules now grouped into clearer, more intuitive categories.
Step 2: Users configure the parameters for the selected rule.

The rules are categorized as follows:

  • Mitigation Controls – Enable and configure protection mechanisms, such as Advanced Rate Limiting, GraphQL API Protection, or a custom Virtual Patch.
  • Fine-Tuning Attack Detection – Define exclusions and adjust detection behavior, disable WAAP protection for a certain application, disable specific parsers that are not required or disable detection of specific attack-types in specific parameters. 
  • Change Requests/Responses – general rules for handling request/response data: add custom headers or mask sensitive information.
  • API Discovery Settings – Configure API discovery parameters.

These updates aim to enhance the efficiency and clarity of rule creation, making it easier for users to implement and manage security configurations.

Read more about rules in our documentation. 

* It should be noted that the list of features may vary depending on the client’s subscriptions and user role.

Avatar of authorWallarm team
IMPROVEMENT
9 months ago

LDAP Systems Integration

We are excited to announce the integration of LDAP systems with Wallarm. This new feature allows seamless authentication and user management through your existing LDAP setup.
Key Features:
  • LDAP Authentication: Easily authenticate users with LDAP.
  • User Management: Manage user roles and permissions directly through LDAP for use in Wallarm Console.
For detailed instructions on setting up and configuring LDAP integration, please refer to our LDAP Configuration Guide.
LDAP configuration is not available until activated, for activation, contact the Wallarm support team.
Avatar of authorWallarm team
API SecurityIMPROVEMENT
10 months ago

A fresh look at malicious bot activity


We are releasing improvements to the API Abuse dashboards that make it easier to analyze bot behavior. With a new timeline diagram, you can easily identify spikes in bot activity and drill down to investigate them. Additional Top Attackers and Top Targets widgets allow you to determine the most active bots and the most attacked APIs/Applications.

With this update, you also get the ability to search for events related to specific types of bots in the attack list. You can find more details in our documentation.


Avatar of authorWallarm team
API SecurityWAAPIMPROVEMENT
10 months ago

Wallarm Node 4.10.7

An update to our filtering node is live. Node 4.10.7 is designed to support new features, and to address number of performance updates. 

This version of the Wallarm node includes updates for several NGINX versions. Full details are included in our updated documentation. 

Other key changes are:

  • API Specification Enforcement no longer requires manual NGINX configuration
  • Optimized OpenAPI data type detection by the API Discovery module

We have also updated documentation for our all-in-one installer including detailed information about migration from from DEB/RPM packages to AiO.

Avatar of authorWallarm team
API SecurityWAAPIMPROVEMENT
11 months ago

Wallarm Node 4.10.6

Today we'd like to announce a new version of our filtering node. Node 4.10.6 is designed to support new features, but also includes a number of performance updates. 

The key features include:

  • Enhanced OpenAPI data type detection by the API Discovery module
  • Improved memory utilisation in long-lived gRPC connections
  • Added support for NGINX v1.26.0
  • Fixed compatibility issues with the Kong Gateway
  • Return proper non-zero exit codes during installation errors, addressing previous issues
  • Ability to test regular expressions intended for user-defined attack detectors

Full details are included in our updated documentation. 

Avatar of authorWallarm team
API SecurityWAAPIMPROVEMENTFIX
a year ago

Wallarm Nodes 4.10.2 - 4.10.4 releases and 4.8.9 performance update


We are excited to announce the release of the latest update to Wallarm Node, version 4.10.4, which is now available for installation.

This update includes several performance improvements that enhance your overall experience with our software.
Key updates in this version include:

  • Added support for API Specification Enforcement (Coming Soon!)
  • Added support for GraphQL API Protection (Coming Soon!)
  • Added support for NGINX v1.25.4


Previous updates 4.10.3 and 4.10.2 introduced:

  • Internal improvements for higher reliability and security, including better synchronization between the filtering node and Wallarm Cloud, and reducing overall node memory usage.
  • Fixed vulnerabilities:

    • CVE-2021-43809
    • CVE-2023-48795

We have also upgraded 4.8.9 performance for Nginx Ingress reducing CPU resources consumption by half.

These changes reflect our ongoing commitment to quality and customer satisfaction.

For detailed information and instructions, please refer to our documentation.

Avatar of authorWallarm team
IMPROVEMENT
a year ago

A New Way to Add Users

We’ve updated Wallarm’s user management function with the ability to invite a new user via an invitation link. This new capability allows administrators to produce an invitation link that can be shared with unregistered users so they can sign up for their specific client. 



If provided, the link will populate the user’s email address automatically, and create a user within the client once the new user has submitted their name and password. Additionally, the link can be set with an expiration time and specific user role as well. The invite by link functionality is also available via the Wallarm API for automation use cases. 

Avatar of authorWallarm team
API SecurityWAAPIMPROVEMENT
a year ago

Evaluate your security posture with NIST CSF dashboards

We are excited to introduce our latest new feature: NIST CSF 2.0 Dashboards for the Wallarm platform. These dashboards offer a high-level overview of Wallarm security controls that comply with the NIST CSF version 2.0, empowering teams to effectively assess the security level of their APIs. Utilizing the NIST Cybersecurity Framework, our product now delivers comprehensive insights into your security posture, aligning with industry standards and best practices. This feature is designed to guide you through identifying, protecting, detecting, and responding to cybersecurity threats, ensuring a resilient infrastructure. Leverage this new dashboard to assess and improve your API and application security controls.

You can find more detailed information about this feature in our documentation.

Avatar of authorWallarm team