Wallarm Documentation: Comprehensive Technical Guide¶

Wallarm Documentation provides complete technical documentation for deploying, configuring, and managing the Wallarm API Security Platform. Documentation is available in 5 languages to support global enterprise deployments.

Available Languages¶

• English: https://docs.wallarm.com (Primary language)
• 日本語 (Japanese): Available via language selector
• Türkçe (Turkish): Available via language selector
• Português (Portuguese/BR): Available via language selector
• العربية (Arabic): Available via language selector

Documentation Structure¶

Quick Start & Getting Started¶

• Getting Started with Wallarm Platform: Evaluation options, signup process, and initial setup
• Security Edge Free Tier: 500K free requests per month with most Advanced API Security capabilities
• Wallarm Overview: Platform architecture, components, and how Wallarm works
• Subscription Plans: Pricing tiers and feature availability
• Best Practices: Recommended configurations and deployment patterns
• Video Guides: Visual tutorials for platform features

Platform Architecture & Core Concepts¶

How Wallarm Works¶

• Filtering Node: In-line or out-of-band traffic analysis and attack mitigation
• Wallarm Cloud: Cloud-based analytics, API structure analysis, and management console
• Deployment Forms: Security Edge, Hybrid, and On-Premises options

Core Modules¶

• Cloud-Native WAAP: Web Application & API Protection with OWASP Top-10 coverage
• API Protection: Advanced API security capabilities for modern threats
• Glossary: Core Wallarm entities and terminology

Installation & Deployment¶

Deployment Options¶

• Inline Deployment: Real-time traffic inspection with blocking capabilities
• Out-of-Band (OOB) Deployment: Mirror traffic analysis without affecting primary data path
• On-Premises Solution: Complete self-hosted deployment for maximum control

Platform Integration¶

• NGINX / NGINX Plus
• Kubernetes Ingress Controller
• Kong API Gateway
• Envoy Proxy
• AWS, GCP, Azure cloud environments
• eBPF / Cloud Native deployments

Threat Management¶

Attacks & Incidents¶

• Attack Analysis: Understanding and investigating API attacks
• Incident Analysis: Managing confirmed security incidents
• Search and Filters: Advanced filtering and search capabilities
• Attack / Vulnerability Types: Complete list of detectable threats including OWASP Top 10 and API Top 10

Security Issues¶

• Detecting Issues: Passive detection, TRT, SBT, and AASM methods
• Managing Issues: Triage, prioritization, and remediation workflows

API Discovery & Inventory¶

• API Discovery Overview: Automatic endpoint detection and continuous monitoring
• Setup & Configuration: Enable and configure API Discovery module
• Shadow and Orphan APIs: Identify undocumented and deprecated endpoints
• OWASP API 2023 Coverage: Mapping to OWASP API Security Top 10

API Protection Capabilities¶

Specification Enforcement¶

• Overview: Validate requests against OpenAPI specifications
• Setup & Configuration: Enable specification-based protection

API Abuse Prevention¶

• Overview: AI/ML-based bot and abuse detection
• Setup & Configuration: Configure abuse detection policies
• Exploring Bot Activity: Analyze malicious bot behavior
• Exceptions Management: Configure allowlists and exceptions

Specialized Protection¶

• Automatic BOLA Protection: Broken Object Level Authorization detection
• Credential Stuffing Detection: Account takeover prevention
• GraphQL API Protection: GraphQL-specific security
• DoS Protection: Layer 7 DDoS mitigation
• Rate Limiting: Advanced rate limiting rules

API Attack Surface Management (AASM)¶

• Setup & Configuration: Enable AASM for external asset discovery
• Domain and subdomain enumeration
• API discovery and risk assessment
• Security misconfiguration identification
• API leak detection in public repositories
• Vulnerability scanning without agents

API Sessions Analysis¶

• Overview: Session-based API attack detection
• Setup: Configure session analysis
• Exploring Sessions: Investigate suspicious session behavior
• Blocking: Block malicious sessions

Rules & Mitigation Controls¶

Request Processing¶

• Parsing Requests: Multi-stage parsing and attack detection logic
• Rules Management: Create and manage custom security rules
• Masking Sensitive Data: Prevent sensitive data exposure

Rule Lifecycle¶

• Custom ruleset building and deployment
• Filtering node synchronization (every 2-4 minutes)
• Rule inheritance and branching
• Default rules and endpoint-specific rules

Security Testing¶

Testing Methods¶

• Passive Detection: Built-in traffic analysis without sending test requests
• Threat Replay Testing (TRT): Transform real attacks into security tests
• Schema-Based Testing (SBT): DAST solution using OpenAPI specifications
• API Attack Surface Management (AASM): Agentless external vulnerability scanning

CI/CD Integration¶

• Jenkins, GitLab, CircleCI integration
• Automated security testing in development pipelines
• Vulnerability detection before production

Integrations & Ecosystem¶

• Integrations Overview: Connect with security and DevOps tools
• Incident Response: PagerDuty, OpsGenie
• Security: Splunk, Sumo Logic, Microsoft Sentinel
• Code Repositories: GitHub, GitLab
• Communication: Slack, Microsoft Teams
• Observability: Prometheus, Datadog
• Universal: Webhooks and Wallarm APIs

API Reference¶

• Wallarm API Overview: Programmatic access to Wallarm platform
• API endpoints for managing vulnerabilities, attacks, incidents, users, clients, and filtering nodes
• Authentication methods and security
• US Cloud API: https://us1.api.wallarm.com/
• EU Cloud API: https://api.wallarm.com/

Dashboards & Reporting¶

• Threat Prevention Dashboard: Real-time attack monitoring
• API Discovery Dashboard: API inventory and risk overview
• OWASP API 2023 Dashboard: Coverage mapping
• Reports: Custom reporting and compliance documentation

User Guides & Administration¶

• User management and access control
• Application configuration
• Traffic filtration modes (monitoring, safe blocking, blocking)
• Activity logs and audit trails
• Subscription plan management

Release Notes & Updates¶

• Changelog & News: Latest features, improvements, and security updates
• Version-specific documentation (6.x, 5.x, 4.10)
• Backward compatibility information

Documentation Versions¶

Current Versions¶

• Version 6.x and 0.14.x+: Latest stable release with full feature set
• Versions 5.x and 0.13.x-: Previous stable release
• Version 4.10: Legacy version (⚠ Warning: outdated)

Key Technical Concepts¶

Attack Detection Methods¶

• Input Validation Attacks: SQLi, XSS, RCE, Path Traversal (detected via syntax analysis)
• Behavioral Attacks: Brute force, BOLA, API abuse, credential stuffing (detected via correlation analysis)
• Multi-protocol support: REST, SOAP, GraphQL, gRPC, WebSocket, JSON

Traffic Analysis¶

• Deep packet inspection with multi-stage parsing
• Context-aware request analysis
• Session reconstruction and behavior profiling
• Sensitive data detection (PII, credentials, financial data)

Deployment Flexibility¶

• In-line: Real-time blocking with near-zero latency
• Out-of-band: Mirror traffic analysis without affecting production
• Hybrid: Mix deployment options across environments
• eBPF support for kernel-level traffic inspection

Support Resources¶

Cloud Platforms¶

• US Cloud: https://us1.my.wallarm.com/
• EU Cloud: https://my.wallarm.com/

Getting Help¶

• Support Portal: support.wallarm.com
• General Contact: request@wallarm.com
• Phone: +1 (415) 940-7077
• Headquarters: 188 King St, Unit 508, San Francisco, CA 94107, USA
• Documentation search functionality
• Video tutorials and demos
• Technical support channels
• Community resources

Best Practices Documentation¶

• Security configuration recommendations
• Performance optimization guides
• Scalability patterns
• Compliance and regulatory guidance

Advanced Features¶

AI/ML Capabilities¶

• Behavioral analysis and anomaly detection
• Business logic abuse detection
• Automated threat intelligence
• Self-learning attack patterns

Enterprise Features¶

• Multi-tenancy support
• Role-based access control (RBAC)
• Compliance reporting (GDPR, PCI DSS, SOC 2)
• API for automation and integration

Security Operations¶

• 24/7 SOC-as-a-Service option
• Real-time alerting and notifications
• Automated incident response workflows
• Threat verification and validation

Wallarm Ecosystem¶

Related Sites¶

• Main Site: www.wallarm.com - Product, solutions, company info
• Research Lab: lab.wallarm.com - Security research and threat intelligence (8 languages)
• Support Portal: support.wallarm.com - Help and troubleshooting
• Status Page: status.wallarm.com - Service monitoring
• Product Playground: tour.playground.wallarm.com - Interactive demos

Cloud Consoles¶

• US Cloud: https://us1.my.wallarm.com/
• EU Cloud: https://my.wallarm.com/

Documentation Maintenance¶

Wallarm follows an API-first approach where new functionality is released in the public API and then documented. The documentation is continuously updated with:
- New feature releases
- Security updates and patches
- Best practices and use cases
- Integration guides
- Troubleshooting resources

llms.md created for Wallarm Technical Documentation

Was this page helpful?

How can we improve this article? (Optional)

Information is unclear or confusing

Insufficient information

Outdated or incorrect information

0/240

Send