Skip to content

Wallarm API Protection

Wallarm's API Protection is an advanced set of capabilities that extend basic WAAP/WAF protection for your APIs. While basic protection already includes support for all API protocols and their inspection for attacks, protection against L7 DDoS, etc., modern applications and APIs are subject to additional risks and require advanced protection measures. API Protection bundle provides tools for that.

API Protection includes:

  • Automatic BOLA Protection provides automatic protection against BOLA attacks that were marked as #1 threat in OWASP API Top 10. Wallarm automatically discovers vulnerable endpoints and protects them against enumeration.

  • API Abuse Prevention protects your applications and APIs against different types of automated threats. Based on behavioral analysis Wallarm can easily identify and block malicious bots such as Scrappers, Security Crawlers, etc.

  • Credential Stuffing Detection provides one more layer of protection against Account Takeover attacks. Wallarm allows you to recognize even a single use of compromised credentials, which is important to identify low and slow Credential Stuffing attacks.

While WAAP/WAF is available under the basic Cloud Native WAAP subscription, tools of the API Protection bundle are the part of the Advanced API Security subscription.

Automatic BOLA Protection

Use Wallarm's API Discovery module to discover endpoints vulnerable to broken object level authorization (BOLA) threat and automatically protect from attacks trying to exploit this vulnerability.

BOLA trigger

Automatic BOLA protection serves as a great extension or replacement to the manually created BOLA protection rules. You can configure automatic BOLA protection to make Wallarm's behavior match your organization security profile.

Proceed to detailed description and configuration →

API Abuse Prevention

The API Abuse Prevention delivers detection and mitigation of bots performing API abuse like credential stuffing, fake account creation, content scraping and other malicious actions targeted at your APIs.

API abuse prevention statistics

API Abuse Prevention uses the complex bot detection model that involves ML-based methods as well as statistical and mathematical anomaly search methods and cases of direct abuse. The module self-learns the normal traffic profile and identifies dramatically different behavior as anomalies.

Proceed to detailed description and configuration →

Credential Stuffing Detection

Wallarm's Credential Stuffing Detection collects and displays real-time information about attempts to use compromised or weak credentials to access your applications and enables instant notifications about such attempts. It also forms downloadable list of all compromised or weak credentials providing access to your applications.

Wallarm Console - Credential Stuffing

To identify compromised and weak passwords, Wallarm uses a comprehensive database of more than 850 million records collected from the public HIBP compromised credentials database.

Proceed to detailed description and configuration →