What’s New in Wallarm Node 2.10

2018-08-21T16:58:56
ID WALLARMLAB:69D03142A40C3E4E76F95BCD96F26C6D
Type wallarmlab
Reporter Wallarm
Modified 2018-08-30T01:50:35

Description

We have recently released a new version of Wallarm Node.

After your next update window, you will see some new features your DevOps team is certain to like.

Firstly, your monitoring and reporting got a lot livelier. Starting with this version in addition to JSON format metrics can be exported in Prometheus compatible format. As before with Collectd, information on the number of requests, number of attacks, number of blocked attacks and a variety of error conditions is available.

Wallarm Node data monitored via Prometheus

The second big thing is a new and improved parser for html and JavaScript-encoded requests. Since Wallarm does not rely on regular expressions, in-depth parsing of application requests and responses regardless of the format is critical to building our application logic model and correctly detecting false positives and false negatives. The new parser will allow us to find potentially dangerous payloads (such as RCE or path traversal) even if they are entirely encoded within js or html elements.

By popular request, a few month ago we have added an ability to define custom detection rules manually in addition to AI-generated rules we have already had. 2.10 release makes these mechanism easier to use.

First, we have made the rules update independent from the configuration file. This means that once the rules definition is modified in the web console, it is loaded into the node within the next 15 minutes (with the next LOM update) and does not require the node reload.

Secondly, the rule definition interface is extended to accept negative rules definition (absence of the value) in addition to previously supported positive rules as well as allowing additional request parameters.

With this release, we have also introduced an option for installing Wallarm Node as a Kubernetes ingress controller. More about this in a separate blog.

Check out the release notes for the full description, configuration instructructions, deprecated features and more.


What’s New in Wallarm Node 2.10 was originally published in Wallarm on Medium, where people are continuing the conversation by highlighting and responding to this story.