What is Blackcat Ransomware

Begin This Exploration: Unraveling the Mysteries of PantheraNegra Malware As new forks in the road of online threats emerge, an innovative peril has cast its shadow in the digital landscape – a danger we have identified as PantheraNegra Malware. What sets PantheraNegra Malware apart? Let's unrave...

Mastercard Cybersecurity

Safeguarding Trade: Discovering the World of Mastercard Digital Guardrails In our tech-driven era, it is vitro important that financial dealings are shielded competently. A colossal number of exchanges are happening each day, proving the ever growing necessity of sturdy digital protective measure...

CISO: Top 10 Trends for 2024

I recently hosted and moderated a distinguished panel of Chief Information Security Officers CISOs - Nitin Raina, CISO at ThoughtWorks, Mike Wilkes, former CISO at Marvel and Yogesh Badwe, CSO at Druva. We discussed major trends for 2024 across an array of topics including the evolving threat...

What Is Microservices Architecture

Mastering the Essential Elements of Services-Focused Programming The methodology of programming using tiny, interdependent software units, often simplified to 'Microservices', has seen a marked uptick in usage in recent times. This distinct architectural paradigm shapes an application as a group ...

Incident Response Plan: Frameworks and Steps

Gaining Insight: The Imperative for an Electronic Threat Handling Framework As we traverse further into the digital era, the threat of cyber encroachments elevates consistently. This looming risk is a reality for all, from emergent startups to well-established corporations, placing operations in...

Dark Web Monitoring

Unveiling Dark Web Surveillance: Bolstering Internet Safety Journey with us into the unchartered territories of the internet, where a masked sector called the Dark Net thrives. This secret hub is notorious for harboring unlawful actions ranging from infringed identity to stolen data, bringing for...

2023 OWASP Top-10 Series: Introduction

In early June 2023, OWASP released the final version of the OWASP API Security Top-10 list update. At that time we published a “hot take” on this final version and followed that up with an in-depth look at the new risk ratings for 2023. Today we’re kicking off a multi-post series in which we take...

Connect with Wallarm at RSA 2023

We’re looking forward to seeing you at this year’s RSA Conference! Don’t forget to set up a meeting with our executives, as they would love to hear more about your team’s application security needs and chat with you about how Wallarm can help. Visit Us at Booth 6585 in the North Expo Hall Wallarm...

Wallarm adds Cybersecurity Leaders to its Board of Advisors

New Advisory Board Members Bring Extensive Experience to Assist Organizations Needing to Enhance and Accelerate their API Security Posture January 12, 2023 02:30 PM Eastern Standard Time SAN FRANCISCO -BUSINESS WIRE- Wallarm, the end-to-end API security company, is pleased to introduce the newest...

Wallarm at Black Hat USA 2022

Black Hat USA is celebrating its 25th anniversary, and Wallarm will be on hand for the festivities. If you’re headed to Vegas this year, we invite you to meet our crew and talk about API security. Tuesday 08/09 – Pre-Event Evening Party Join us on Tuesday 08/09 evening at the Emerging Technology...

Open-Source API Firewall Unveils New Feature: Default Deny Lists for Compromised API Tokens and Cookies

Discovering and securing any API is one of the most difficult challenges for developers. The API security landscape is constantly evolving, with new threats and vulnerabilities emerging at a rapid pace. Since commercial API security solutions can be expensive for some organizations especially...

Securing GraphQL. Part 1

GraphQL is an alternative to the REST concept that allows working with the data in a more structured and object-oriented way. This technology is very famous and used by many enterprise companies such as Facebook, Walmart, Intuit among other. Whether you know it or not, GraphQL has a significant...

AWS re:Invent 2017: Wallarm Delivers its AI-enabled NG-WAF and scanner to AWS Customers

We are thrilled to be sponsoring this year’s AWS re:INVENT in Las Vegas. With many of our customers using AWS infrastructure it is critical for us to provide a frictionless way to protect APIs, applications and micro-services in AWS environments. Filtering nodes for Wallarm’s NG-WAF with Active...

Visit Wallarm at AWS re:Invent 2017

Wallarm will present its Application Security solutions at AWS re:Invent in Las Vegas November 27 through December 1st. As a leading provider of AI-driven application security, Wallarm is helping customers running on AWS to implement application security. Wallarm solutions includes high-performan...

Introducing the Wallarm AI Control Platform: One closed loop for AI security and API security.

TL;DR - AI deployment has outpaced AI governance. Most enterprises running AI on AWS cannot answer four basic security questions about what's running, what it's doing,how to stop it, and how to prove it's under control. - The Wallarm AI Control Platform closes this gap: one platform for Discover,...

Key API Security Takeaways from the Postman 2025 State of API Report

API security has never been more important because modern APIs are operational necessities. Unfortunately, many organizations are failing to adapt their security models to a rapidly changing API threat landscape. Like it or not, we live in an AI-first world, and API security must reflect that...

Fundamentals of GraphQL-specific attacks

GraphQL vs REST APIs Developers are constantly exploring new technologies that can improve the performance, flexibility, and usability of applications. GraphQL is one such technology that has gained significant attention for its ability to fetch data efficiently. Unlike the traditional REST API,...

PCI DSS v4.0: What You Need to Know and What the End of v3.2.1 Means for the Future of Digital Payments

On March 31st, 2024, The Payments Card Industry Standards Security Council PCI SSC officially retired version 3.2.1 of the PCI Data Security Standard PCI DSS with the publication of its new sets of protocols and security standards for v4.0. With the continued rise in cyber threats against financi...

How to comply with GDPR requirements

Understanding the Basics of GDPR Compliance Within the sphere of cybersecurity, significant strides were made as the European Union EU introduced an innovative legislative tool called the General Data Protection Regulation GDPR, unveiled on May 25, 2018. This regulation highlights the EU's unifie...

What Is Cloud Data Protection?

A Deep Dive into the Cosmic Universe of Information Safeguarding: An Exhaustive Examination of Distributed Data Security As the virtual dominions continue to propagate at a phenomenal pace, the totality of data we generate daily scales new zeniths. We see ourselves increasingly relying on 'online...

Bolstering API Security: Introducing Wallarm’s API Attack Surface Management (AASM)

In the fast-paced digital world, think of Application Programming Interfaces APIs as the threads that stitch together the fabric of our tech ecosystems. They're often overlooked, quietly ensuring that your apps communicate seamlessly and keep the digital world running smoothly. The majority of...

Drinking Our Own Champagne: Enhancing API Security with FAST

Welcome to another inside story straight from the Wallarm labs. Today we’re taking you behind the scenes of our self-testing journey, showcasing how we "drink our own champagne" by implementing our Framework for Application Security Testing FAST to strengthen the security of our APIs. The intent ...

Cryptographer – Job Description and How to Become

Introduction Cryptography is perhaps the main instrument for building a secure computerized framework. These professionals assume a major part in building these frameworks. This makes them probably the most generously compensated and profoundly esteemed laborers inside the growing universe of...

PCI Penetration Test – Everything You Need to Know

Introduction For any association that cycles, stores or sends charge card information, entrance testing has been a commitment since 2013. That is the point at which the consistence necessities set up by the Payment Card Industry Security Standards Council PCI SSC were refreshed to mirror the...

Wallarm Finalist at 2017 Red Herring Top 100 North America

LOS ANGELES — 6.06.2017 — Wallarm has been selected as a finalist for Red Herring’s Top 100 North America award, one of the technology industry’s most prestigious prizes. Finalists for the awards are among the continent’s brightest and most innovative private ventures. Their place among North...

Wallarm Teams up with NGINX Plus to Provide Advanced Security

Wallarm is excited to be a pioneer security vendor in NGINX Certified Module program and provide trusted and verified security functionality to NGINX Plus customers. “We are pleased to announce that Wallarm is now part of the NGINX Plus Certified Module program with the Wallarm Next Generation WA...

API Security’s Role in Responsible AI Deployment

By now, you will almost certainly be aware of the transformative impact artificial intelligence AI technologies are having on the world. What you may not be aware of, however, is the role Application Programming Interfaces APIs are playing in the AI revolution. The bottom line is that APIs are...

Best API Security Product: Wallarm wins 2024 Cybersecurity Excellence Award

We are thrilled to announce that Wallarm has clinched the sought-after 2024 Cybersecurity Excellence Award, under the category Best API Security Product. Our unwavering commitment to pioneering solutions that safeguard digital ecosystems, and fortify API security amidst the evolving cyber threat...

Improving Security with Wallarm’s NIST CSF 2.0 Dashboard

Ensuring the security of web applications and APIs is more critical than ever. With threats becoming increasingly prevalent and sophisticated, organizations need to employ comprehensive security measures to protect their digital assets. The NIST Cybersecurity Framework CSF 2.0 stands at the...

Wallarm Named a Leader in GigaOm Radar for API Security

I am thrilled to share that Wallarm, has been named a leader in the GigaOm Radar for API Security! We would like to share insights from the recent GigaOm 2023 API Security Radar report, particularly shining a spotlight on our Advanced API Security solution. The growing importance of APIs and API...

What is SSL VPN?

Deciphering SSL VPN: An In-depth Perspective Pivoting our lens towards data in this digital era, akin to the transition observed during the oil boom, we've realized that the fodder for importance today is safeguarding data while it voyages through global networks. SSL VPN Secure Sockets Layer...

What is Cloud Migration ?

Dispelling the Fog: Unraveling Cloud Migration In the technological realm, cloud migration is a burgeoning trend that's swiftly taking center stage. However, its definite meaning may not be crystal clear to all. Simply put, cloud migration is the process where essential business constituents such...

What’s most important for a CISO in API security?

As threats to networks and systems have changed, so have CISOs’ priorities. API security has grown more important with everything as a service and in the cloud. Todays CISOs must ensure they have a plan for protecting APIs. To learn what’s most crucial when protecting APIs, we surveyed CISOs and...

Wallarm extends AWS API security with the official Terraform module

Wallarm API Security solution is now available in AWS as an official Terraform module, with a full feature set including autoscaling groups, API Gateway connector, mirroring, and agentless out-of-band deployments. To address modern cloud-native threats, API security vendor Wallarm released extend...

Best cyber security jobs in 2022 – Highest paying

Web protection is a worthwhile and quickly extending field that spotlights on shielding organizations from current attacks and guarding their information and frameworks. Specialists in network security distinguish blemishes, give programming and gear answers for diminish hazards, and foster plans...

10 minutes to secure your Kubernetes application without giving up on customization: Wallarm WAF as a sidecar container with plain Kubernetes manifests

In this series’ previous article, we added the AI-powered Wallarm WAF to our Helm chart bundled application as a sidecar container. As you can see, 10 minutes is the time we need to stop worrying about rules, lists, and attacks, and start focusing on performance, optimization, and deployment. As...

Randy Bias joins Wallarm board of advisers

Menlo Park, California — December 5, 2017 — Wallarm today announced that Randy Bias, Vice President of Technology and Strategy, Cloud Software at Juniper and founder of Cloudscaling acquired by EMC, has joined Wallarm’s board of advisers. “Randy is an agile cloud pioneer and a thought leader in...

Exploiting API4 — 8 Real-World Unrestricted Resource Consumption Attack Scenarios (and How to Stop Them)

Unrestricted Resource ConsumptionAPI4:2023 is the only threat category in the OWASP API Security Top 10 explicitly dedicated to Denial of Service DoS and resource abuse. But despite being just one category, attackers can exploit it in many different ways; from large file uploads and expensive...

ToolShell: Remote Code Execution in Microsoft SharePoint (CVE-2025-53770)

On July 19, 2025, a critical remote code execution RCE vulnerability CVE-2025-53770, also referred to as ToolShell was publicly disclosed, impacting on-premises Microsoft SharePoint Server installations. This vulnerability allows unauthenticated attackers to execute arbitrary code remotely by...

Top Open Source API Security Tools

The modern world relies on Application Programming Interfaces APIs. They allow applications to communicate with each other, servers, and consumers to facilitate data sharing and simplify application development. Without them, the internet would be unrecognizable. However, APIs also present a...

AI-Powered APIs: Expanding Capabilities and Attack Surfaces

AI and APIs have a symbiotic relationship. APIs power AI by providing the necessary data and functionality, while AI enhances API security through advanced threat detection and automated responses. In 2023, 83% of Internet traffic traveled through APIs, but there was a 21% increase in API-related...

Kafka vs RabbitMQ

An Intro to Kafka and RabbitMQ: The Masters of Messaging In the realm of messaging systems, two names stand out: Kafka and RabbitMQ. These two powerhouses have become the go-to solutions for developers and organizations looking to handle high-volume, real-time data processing and messaging. But...

What Is The Cyber Kill Chain? Process & Model

Grasping the Fundamentals: A Study of the Cyber Harm Ladder Navigating the multifaceted universe of cybersecurity is similar to solving an evolving labyrinth. This world is awash with intricate principles and techniques; with the Cyber Harm Ladder gaining increasing focus in recent times. But, wh...

Wallarm to Unveil New API Security Solution and Strategic Shift at Black Hat Europe 2023

If you're involved with cybersecurity and are based in Europe, then Black Hat Europe 2023 in London, December 6 and 7 is a must-attend event. Wallarm, the experts in API and Application Security, will be attending the event, and we're excited to connect with you. If you are planning to attend, co...

SOA VS MICROSERVICES – What’s the difference?

Unraveling the Code Landscape: Exploring SOA and Microservices Seamlessly The shifting sands of software development have elevated two pivotal architecture designs to influential pedestals: The Service-Oriented Architecture SOA and Microservices. Understanding their distinct characteristics,...

Application Layer Gateway (ALG) Explained: What it is & Why You Need it ?

Snippet When you hear "Application Layer Gateway," or ALG for short, think of it as a network traffic conductor. It's the unsung hero that examines data packets, making sure they follow specific rules and get to where they're supposed to go—securely and efficiently. Quick Facts Definition In the...

What is SSL/TLS ?

In the intricate tapestry of the digital world, threads of information interweave, forming connections, enabling interactions, and crafting narratives. Amidst this, a silent protector—SSL/TLS—ensures that the stories told are safeguarded, secure, and sincere. This comprehensive guide unravels the...

Holistic API Security Strategy for 2023

In the digital landscape of 2023, Application Programming Interfaces APIs have taken center stage in business operations. APIs act as the backbone of many digital services, enabling software applications to communicate and exchange data with each other. As businesses increasingly rely on APIs for...

Exploiting Oracle WebLogic by Remote Code Execution with a /console endpoint restricted

This article explains how to exploit Oracle WebLogic for remote code execution by using valid credentials. Its useful during black-box security audits, pentests, and infrastructure audits, including automated vulnerability scanning. To set up an example playground, we will use the following docke...

Protect your Helm chart bundled application with Wallarm WAF. 10-minutes configuration for continuous and enhanced security

Every application has its own specific goals, critical aspects, and needs. So, the logical conclusion would be that every app needs an in-depth manual configuration, right? Well, here at Wallarm, we’re security experts and developers from the real world, and we know that in many cases time,...