Wallarm updates

Discover the latest features, improvements, and updates in Wallarm API Security

IMPROVEMENT
a month ago

SSRF Mitigation for mission critical APIs with Wallarm last update

Wallarm End-to-End API Security has taken another step forward in reducing organizational risk by improving our Server-side Request Forgery (SSRF) mitigation capabilities. With the rise of SSRF attacks, it's essential to stay ahead of potential security breaches and protect valuable assets. Wallarm's advanced features offer peace of mind and protection against these dangerous attack vectors.

SSRF attacks allow attackers to manipulate a server into making arbitrary requests, often to internal resources, resulting in access to sensitive information, execution of malicious code, and overall compromise of the system's security. SSRF is listed in the OWASP Top 10 2021, and because these attacks can bypass network security measures, they are difficult to detect and prevent.

Recently, SSRF attacks have been a growing concern for businesses globally, with over 100,000 businesses being impacted since November 2022. Some well-known organizations that have fallen victim to SSRF include Azure services, Atlassian, and Exchange. One real-world example of an SSRF attack was on Azure services, where vulnerabilities were found that exposed internal endpoints and sensitive data. Another example is the Exchange zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082), where SSRF was used to gain unauthorized access to internal systems.

Wallarm has improved our SSRF mitigation capabilities through a detailed analysis of the most widespread vulnerabilities and attacks. The improvements include enhanced validation of user-supplied URLs and attribution of SSRF attacks to specific vulnerabilities. By providing increased security against SSRF attacks, Wallarm helps businesses maintain the trust of their customers and protect against financial, reputational, and regulatory harms.

To take advantage of our improved SSRF mitigation capabilities, upgrade to the latest version of Wallarm Node (version 4.4.3 or higher). For more information, see the Wallarm documentation.

Wallarm team