154 matches found
How To Protect Your Kubernetes Cluster with Wallarm – Running in Production Mode – part 3 of 3
The previous two blog articles in this series describe how to set up Wallarm Ingress controller and configure it so that it can properly allow or block traffic from trusted or suspicious/malicious IP addresses. This is essential to the functionality of Wallarm’s Ingress controller but it isn’t...
How To Protect Your Kubernetes Cluster with Wallarm – Configuration and Finetuning – part 2 of 3
Wallarm’s Kubernetes Ingress controller is designed to help protect your Kubernetes cluster against cyberattacks. Its built-in web application firewall WAF is capable of detecting and blocking a wide range of common attacks against Kubernetes deployments. The previous article in this series...
How To Protect Your Kubernetes Cluster with Wallarm – part 1 of 3
Kubernetes clusters enable an organization to easily take advantage of containerization. While this is a huge asset, it also creates security issues. Many organizations lack visibility into the applications within their Kubernetes cluster and their attack surface. Within a Kubernetes cluster, an...
Testing ModSecurity for false positives by books texts
The main things that prevent enabling security solutions like WAF/RASP/IDS/IPS in a blocking mode are false positives. Probably the second one is their inline performance and additional latency, but still. As a cloud-native WAF vendor, we at Wallarm are actively checking our products for false...
Apache Solr 1,2,3,4 Kill-Chain.
One of the services Wallarm offers today are Pentest Audits. Our team has met a new challenging task at a recent project: penetration test & usage for Apache Solr V4.10.4. We want to use this blog to describe the way we have identified vulnerability & managed to execute commands with root...
Protecting gRPC applications and APIs
Wallarm has always stood out from its competitors when it comes to supporting modern stacks. For a long time Wallarm has been the only product to provide comprehensive protection for WebSockets-based web applications. Once again, Wallarm is glad to be the pioneer and add support for the gRPC...
Application security through the lens of Cyberwar – One on One with Chris Kubecka
Last month, Wallarm Cybersecurity Strategist Kavya Pearlman interviewed cyberwar fare expert Chris Kubecka via a webinar session that was well attended and very timely discussion. If you missed the webinar, worry not! Here is a quick recap of the discussion around “Application Security in the age...
RSA 2020 – Must Visit
Visit Wallarm at RSA 2020 booth 4118 + see a list of other events going on during the conference for a richer experience The post RSA 2020 - Must Visit appeared first on Wallarm Blog...
Wallarm team is growing!
Wallarm’s unique approach provides actionable insight that identifies and protects against real attacks and vulnerabilities. I’m excited to be part of the team that automates this for modern services and cloud-based applications. The post Wallarm team is growing! appeared first on Wallarm Blog...
Native integrations in Wallarm WAF
How to configure sending reports to email? How to get a notification to the messenger about an event requiring a response? How to connect Wallam and other solutions that use DevOps and the security team? Integrations will help to solve all these issues in Wallam WAF. And today we'll talk about th...
The most cited Wallarm researches in 2019
Our researchers are constantly working on information security issues and in 2019 we published dozens of articles on this topic. Stay with us and let's make the IT world safer together! The post The most cited Wallarm researches in 2019 appeared first on Wallarm Blog...
Putting Wallarm Management Console on a Fast Track
With this update we significantly reduced Elasticsearch load and thereby improved the responsiveness of the user interface with an attack showing up within seconds of being detected. Our new user-friendly interface has a lag time of no more than 5 seconds. The post Putting Wallarm Management...
A Match Made in the Clouds
With recent explosion of Kubernetes adoption and Wallarm’s consistent effort to deliver Kubernetes native security offerings, I feel tremendous confidence in our collective ability to stay ahead of the emerging threats in the cloud native ecosystem. The post A Match Made in the Clouds appeared...
New Wallarm Dashboard
There is an update in the Wallarm Console, which presents a brand new dashboard that can’t be missed. There are three significant changes that are worth mentioning: New structure. The dashboard has a new, clear structure emphasizing multiple modules of the Wallarm Platform — WAF, Scanner, FAST. T...
Wallarm Launches Support of Envoy Proxy/ Envoy API Protection
Wallarm can protect North-South API in the applications that use Envoy as an alternative Ingress controller at the front end of a Kubernetes cluster. Wallarm can also protect edge traffic and also East-West Envoy API for Service-Mesh and Istio. The post Wallarm Launches Support of Envoy Proxy/...
The hidden costs of security breaches
The real cost of a security breach to your business is larger than many imagine. On the surface there is incredible expensive to recovering from breaches. What is often also at risk is the inestimable damage to company morale, brand reputation, and operations. The post The hidden costs of securit...
What is Kubernetes?
Kubernetes is becoming a common enough word, but what is it, how does it benefit your world, and how does it work? The post What is Kubernetes? appeared first on Wallarm Blog...
PHP Remote Code Execution 0-Day Discovered in Real World CTF Exercise
When a security researcher found an unusual PHP script while solving an hCorem Capture the Flag task, it reveal hundreds of millions of users are vulnerable to attack. Learn the deep tech. The post PHP Remote Code Execution 0-Day Discovered in Real World CTF Exercise appeared first on Wallarm Blo...
Wallarm connector to Apigee
If you are a business undergoing a digital transformation, like Walgreens, Nike or Bechtel, heavy reliance on APIs is a key part of that digital transformation strategy. “The growing demand for information, delivered securely at any time, in any place and on any device has changed the way we thin...
An Analog Approach to Secure Operations in Kubernetes
Security is not something you achieve. It's something you continually take care of and understand as constantly transforming. Here are our tips about your K8s cybersecurity The post An Analog Approach to Secure Operations in Kubernetes appeared first on Wallarm Blog...