Wallarm Node 4.2 - protection from BOLA, neutralizing dangerous JWT and more
We are pleased to announce the release of Wallarm Node 4.2.
Here is a list of the new features which will be available after upgrading:
BOLA / IDOR Detection
When an API-based application is vulnerable to Broken Object Level Authorization (BOLA), also known as Insecure Direct Object References (IDOR), sensitive information is likely to be exposed. Attackers exploit vulnerable API endpoints by manipulating the object ID sent within the request.
To prevent exploitation of this vulnerability, Wallarm Node 4.2 contains a new trigger which you can use to protect your endpoints from BOLA attacks. The trigger monitors the number of requests to a specified endpoint and creates a BOLA attack event when the configured thresholds are exceeded.
Inspecting JWTs for Malicious Payloads
Wallarm Node 4.2 also brings Deep Request Inspection capability for the JSON Web Token (JWT) data format. While this capability will enable many upcoming features related to authentication tokens, in Node 4.2 it expands attack detection to all content encoded in JWTs. All data encoded in a JWT is automatically unpacked and decoded, then checked for the different types of malicious payloads (RCE and others).
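As an added illustration of the decode-then-inspect approach described above (this is not Wallarm's code; the patterns, the placeholder signature and the sample tokens are constructed for the example), a small Python inspector that unpacks a JWT's header and payload, walks every nested string, unpacks any string that is itself a JWT, and reports which JSON path matched which pattern:

```python
import base64
import json
import re
# Illustrative patterns, constructed for this example (not Wallarm's rule set).
SUSPICIOUS = {
    "rce": re.compile(r"(;|\||&&)\s*(cat|sh|bash|wget|curl)\b", re.IGNORECASE),
    "sqli": re.compile(r"'\s*(or|union)\s", re.IGNORECASE),
}
JWT_SHAPE = re.compile(r"^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$")

def b64url_decode(segment: str) -> bytes:
    """JWT segments drop '=' padding; restore it before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def unpack_jwt(token: str) -> dict:
    """Decode header and payload. The signature is not verified here: inspection
    reads content, while signature verification stays with the application."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS/JWT")
    return {"header": json.loads(b64url_decode(parts[0])),
            "payload": json.loads(b64url_decode(parts[1]))}

def walk_strings(value, path=""):
    """Yield (json_path, text) for every nested string; a string that itself
    looks like a JWT (e.g. a token carried in a claim) is unpacked and walked too."""
    if isinstance(value, dict):
        for k, v in value.items():
            yield from walk_strings(v, f"{path}.{k}")
    elif isinstance(value, list):
        for i, v in enumerate(value):
            yield from walk_strings(v, f"{path}[{i}]")
    elif isinstance(value, str):
        yield path, value
        if JWT_SHAPE.match(value):
            try:
                yield from walk_strings(unpack_jwt(value), f"{path}<jwt>")
            except (ValueError, json.JSONDecodeError):
                pass  # only looked like a token; the raw string was already yielded

def inspect_jwt(token: str) -> list:
    """Return [(attack_type, json_path)] for each decoded string matching a pattern."""
    return [(kind, path)
            for path, text in walk_strings(unpack_jwt(token))
            for kind, pattern in SUSPICIOUS.items() if pattern.search(text)]

def make_token(payload: dict) -> str:
    """Build a demo token with a placeholder signature segment (constructed input)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(payload)}.placeholdersig"
```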
Other Updates
CentOS 6 and Debian 9 distributions are no longer supported. The denylist logic has also changed. A more detailed changelog and upgrade instructions are published in the official documentation.
If you have any questions, feel free to contact our support team at support@wallarm.com.