Protect your APIs with specification enforcement
We're excited to introduce our new API specification enforcement feature. This new capability allows users to upload and enforce API specifications with Wallarm.
Negative security models that define what to block with signatures and rules are important, but they operate on the principle of blocking known-bad events. Positive security models do the opposite by defining what’s allowed and blocking everything else. With the addition of API specification enforcement, Wallarm users now have the benefit of both models.
With API specification enforcement, security analysts can upload OpenAPI specifications to detect and block non-compliant API requests. This proactive approach, blocking anything that isn’t explicitly allowed, supports a shift left for API security in production. By connecting developers with production security through defined specifications, it minimizes the risk of costly breaches and downtime.
With the new API specification enforcement feature, Wallarm can detect violations such as:
- Requests sent to endpoints that are not specified in the API specification
- Unknown parameters in requests
- Missing required parameters in requests
- Invalid data types in parameters
- Requesting an endpoint with an incorrect authentication method
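To make the positive model concrete, here is an added sketch (not Wallarm's implementation or code from this announcement) that checks requests against an OpenAPI-style fragment and labels each of the violation types listed above. The `SPEC` fragment, the function names and the violation labels are assumptions constructed for illustration; only query parameters and header-based authentication are modelled.

```python
# Constructed OpenAPI 3 style fragment; paths and names are illustrative only.
SPEC = {
    "paths": {"/users": {"get": {
        "parameters": [
            {"name": "org", "in": "query", "required": True, "schema": {"type": "string"}},
            {"name": "limit", "in": "query", "schema": {"type": "integer"}},
        ],
        "security": [{"bearerAuth": []}],
    }}},
    "components": {"securitySchemes": {"bearerAuth": {"type": "http", "scheme": "bearer"}}},
}

PARSERS = {"integer": int, "number": float, "string": str}

def type_ok(value, declared):
    """Query values arrive as strings; check they parse as the declared type."""
    try:
        PARSERS.get(declared, str)(value)
        return True
    except ValueError:
        return False

def auth_ok(scheme, headers):
    """Only HTTP schemes (bearer, basic) and header API keys are modelled here."""
    if scheme["type"] == "http":
        prefix = scheme["scheme"].lower() + " "
        return headers.get("authorization", "").lower().startswith(prefix)
    return scheme.get("in") == "header" and scheme["name"].lower() in headers

def violations(spec, method, path, query, headers):
    """Return the spec violations for one request; an empty list means allowed."""
    op = spec["paths"].get(path, {}).get(method.lower())
    if op is None:
        return ["undefined_endpoint"]  # positive model: undeclared means blocked
    found = []
    declared = {p["name"]: p for p in op.get("parameters", []) if p["in"] == "query"}
    for name, value in query.items():
        if name not in declared:
            found.append(f"unknown_parameter:{name}")
        elif not type_ok(value, declared[name]["schema"]["type"]):
            found.append(f"invalid_type:{name}")
    found += [f"missing_parameter:{n}" for n, p in declared.items()
              if p.get("required") and n not in query]
    schemes = spec.get("components", {}).get("securitySchemes", {})
    headers = {k.lower(): v for k, v in headers.items()}
    required = op.get("security", [])  # alternatives are OR-ed, schemes inside AND-ed
    if required and not any(all(auth_ok(schemes[s], headers) for s in alt) for alt in required):
        found.append("invalid_authentication")
    return found
```

A request is allowed only when `violations` returns an empty list, so an endpoint or parameter added to the application but not to the specification is rejected until the specification is updated.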
Stay secure, mitigate risks, and embrace a proactive security approach with Wallarm End-to-End API Security.
To use API specification enforcement, you must have an Advanced API Security subscription and update your Wallarm node to the latest version (4.10.4 or above). You can find more detailed information about this feature in our documentation.