unSafe.sh - Unsafe
Evolution of API Security – A Practical Guide to Addressing API Threats in 2023
The kind of API security scenarios we witnessed today were never like this from the beginning...
2022-10-26 23:32:16 | Views: 34
lab.wallarm.com
security
wallarm
threats
demands
scaling
New text2shell RCE vulnerability in Apache Common Texts CVE-2022-42889
Yet another RCE with a CVSS score of 9.8 out of 10 was disclose...
2022-10-18 13:2:38 | Views: 174
lab.wallarm.com
42889
injection
wallarm
log4shell
download
8 KB is not enough: why WAFs can’t protect APIs
WAFs were a top-notch security instrument a decade ago, but now they are not. They fail to pr...
2022-10-17 22:28:41 | Views: 47
lab.wallarm.com
wafs
security
cloud
payload
gotestwaf
How Uber was hacked in 2022
What happened? The first information about the incident was issued yesterday, September 15th,...
2022-9-17 00:55:45 | Views: 46
lab.wallarm.com
uber
cloud
pam
hardcoded
powershell
What’s most important for a CISO in API security?
As threats to networks and systems have changed, so have CISOs’ priorities. API security has g...
2022-9-9 19:17:13 | Views: 25
lab.wallarm.com
security
votes
cisos
specialists
opinion
Integrating API Security and WAF into K8s Kong API Gateway
Article by Jiju Jacob, Director of Engineering at Revenera [This is an update of Mr. Jacobs’ 0...
2022-9-8 23:8:16 | Views: 40
lab.wallarm.com
ecs
wallarm
arn
lb
security
What are JWT Injections, and Why do You Need to Know About Them
JSON Web Tokens (JWTs for short) are the new standard for transmitting identity information in...
2022-8-26 15:3:0 | Views: 30
lab.wallarm.com
injections
injection
malicious
20con
jwts
Wallarm at Black Hat USA 2022
Black Hat USA is celebrating its 25th anniversary, and Wallarm w...
2022-8-11 01:55:25 | Views: 29
lab.wallarm.com
security
ivan
evening
wallarm
alex
GitLab Security Issues: Six Months of Vulnerabilities
Have you ever thought the most popular CI/CD platform – GitLab – may have security issues? In...
2022-8-1 21:31:27 | Views: 36
lab.wallarm.com
gitlab
security
improper
attacker
API Vulnerabilities Jump Up 3.7x in Q2-2022
Since the beginning of 2022, the Wallarm security research team has been analyzing API vulnera...
2022-7-28 15:38:27 | Views: 20
lab.wallarm.com
security
wallarm
webinar
q2
Wallarm extends AWS API security with the official Terraform module
Wallarm API Security solution is now available in AWS as an official Terraform module, with a...
2022-7-20 00:41:31 | Views: 23
lab.wallarm.com
wallarm
mirroring
security
band
agentless
Open-Source API Firewall Unveils New Feature: Default Deny Lists for Compromised API Tokens and Cookies
Discovering and securing any API is one of the most difficult challenges for developers. The A...
2022-7-14 16:33:47 | Views: 22
lab.wallarm.com
blocklists
apifw
denylist
blocklist
10 Years Journey into API Security Vulnerabilities with Ivan, the CEO of Wallarm
Ivan Novikov, CEO at Wallarm, is an API security expert, bug hunter, security researcher, and...
2022-7-14 01:47:59 | Views: 27
lab.wallarm.com
security
ivan
1998
remote
OWASP Top-10 2022: Forecast Based on Statistics
For tech innovators and security experts, what OWASP Top-10 says or predicts is much attention...
2022-7-1 14:28:58 | Views: 30
lab.wallarm.com
security
threats
ssrf
a10
Update on Spring Data MongoDB SpEL Expression Injection Vulnerability (CVE-2022-22980)
Background: On June 20, 2022 Spring released Spring Data MongoDB...
2022-6-23 15:14:8 | Views: 49
lab.wallarm.com
wallarm
repository
annotated
changelog
affects
Update on the Confluence 0-day vulnerability (CVE-2022-26134)
We want to share this update regarding the critical Confluence 0...
2022-6-4 04:50:59 | Views: 92
lab.wallarm.com
wallarm
changelog
26134
monitoring
RSAC 2022 – The Year of API Security
Not only is RSAC back in person, but API security is coming to...
2022-5-25 14:51:9 | Views: 16
lab.wallarm.com
security
wallarm
booth
flipper
Three new API exploits causes GitLab data privacy and availability issues
On May 10, 2022, and May 11, 2022, CVE-2022-1352, CVE-2021-1431, and CVE-2022-1545 were fixed a...
2022-5-16 23:36:42 | Views: 38
lab.wallarm.com
gitlab
idor
python
attacker
pypi
Two critical security flaws found in Nginx-Ingress controller
Ingress controllers allow users to configure an HTTP load balanc...
2022-5-13 05:52:3 | Views: 53
lab.wallarm.com
ingress
kubernetes
anyin
annotations
wallarm
CVE-2022-1388: Critical security vulnerabilities in F5 Big-IP allows attackers to execute arbitrary code
On May 5, 2022, MITRE published CVE-2022-1388, an authentication...
2022-5-7 01:6:26 | Views: 102
lab.wallarm.com
1388
icontrol
nuclei
github
affects