We’re gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek – not just one, but TWO of Wallarm’s open-source tools will be featured in the Arsenal showcase at Black Hat USA this year.
Black Hat Arsenal unites researchers and the open-source community to display their newest open-source tools and products, allowing presenters to engage directly with attendees. Its schedule is now live, so save the date to watch presentations of API Firewall and GoTestWAF.
Interestingly, we introduced the API Firewall back in 2023 during the same Black Hat Arsenal showcase! Since then, the open-source API Firewall has undergone major enhancements, broadening its protective features to encompass GraphQL endpoints alongside its current support for REST APIs.
Functioning as a highly efficient intermediary, this API Firewall guarantees meticulous validation of API requests and responses, conforming to both OpenAPI and GraphQL schemas. It implements a positive security model that bolsters API security by permitting only the traffic that complies with a predefined API specification for requests and responses.
Functioning as a highly efficient intermediary, this API Firewall guarantees meticulous validation of API requests and responses, conforming to both OpenAPI and GraphQL schemas. It implements a positive security model that bolsters API security by permitting only the traffic that complies with a predefined API specification for requests and responses.
The key features of Wallarm’s API Firewall are:
This open-source product is available on DockerHub and has achieved an impressive milestone of ONE BILLION downloads.
GoTestWAF is a now widely recognized open-source tool designed for assessing WAFs, WAAPs, and API Security products to validate their detection coverage and accuracy. GTW emulates diverse API attacks and evasion techniques to evaluate detection coverage and accuracy.
GoTestWAF encompasses a broad range of attack vectors, evasion methods, and data encoding formats and conducts tests across multiple protocols, such as RESTful APIs, WebSocket communications, gRPC, and GraphQL.
GoTestWAF encompasses a broad range of attack vectors, evasion methods, and data encoding formats and conducts tests across multiple protocols, such as RESTful APIs, WebSocket communications, gRPC, and GraphQL.
The recently added features to the GoTestWAF are:
The tools on display will be presented by Tim Erlin and Tracey Bernarth from the Wallarm team.
Do you like stickers? Who doesn’t? Check out Wallarm’s booth #3122, Black Hat’s one-stop-shop for the best API Security stickers.
The post Two of Wallarm’s Open-source Tools Have Been Accepted into Black Hat Arsenal 2024 appeared first on Wallarm.
*** This is a Security Bloggers Network syndicated blog from Wallarm authored by Nikhil Menon. Read the original post at: https://lab.wallarm.com/two-of-wallarms-open-source-tools-have-been-accepted-into-black-hat-arsenal-2024/