# Wallarm Documentation: Comprehensive Technical Guide > Wallarm Documentation provides complete technical documentation for deploying, configuring, and managing the Wallarm API Security Platform. Documentation is available in 5 languages to support global enterprise deployments. ## Available Languages - **English**: [https://docs.wallarm.com](https://docs.wallarm.com) (Primary language) - **日本語 (Japanese)**: Available via language selector - **Türkçe (Turkish)**: Available via language selector - **Português (Portuguese/BR)**: Available via language selector - **العربية (Arabic)**: Available via language selector ## Documentation Structure ### Introduction #### Getting Started - [Platform Overview](https://docs.wallarm.com/about-wallarm/overview/): In today's digital world, APIs face growing threats, especially with the rise of AI. Traditional security can... - [Quick Start](https://docs.wallarm.com/quickstart/getting-started/): Wallarm delivers all-in-one API security, identifying and protecting your APIs from vulnerabilities and malicious... #### Video Guides - [Platform Overview](https://docs.wallarm.com/demo-videos/platform-overview/): Watch our comprehensive platform overview video to learn about Wallarm's unified API security platform, including... - [API Discovery Overview](https://docs.wallarm.com/demo-videos/api-discovery/): Watch our demo video to discover the full potential of the Wallarm platform's API Discovery module. Get familiar... - [API Leaks Overview](https://docs.wallarm.com/demo-videos/api-leaks/): Watch our demo video to gain familiarity with the various types of API leaks that the Wallarm platform's API Leaks... - [Shadow and Orphan API](https://docs.wallarm.com/demo-videos/shadow-api/): Watch our demo video to become familiar with how you can detect shadow and orphan endpoints in your API using Wallarm. - [Analyzing CVEs and Attacks](https://docs.wallarm.com/demo-videos/events-inspection/): Watch our demo video to get familiar with the Wallarm platform's CVEs dashboard and know how to use this dashboard... - [API Abuse Prevention](https://docs.wallarm.com/demo-videos/api-abuse-prevention/): Watch our demo video to become familiar with the various bot types that the Wallarm platform's API Abuse Prevention... - [Platform Settings](https://docs.wallarm.com/demo-videos/overview/): Related documentation articles ### API Discovery - [Overview](https://docs.wallarm.com/api-discovery/overview/): Wallarm's multi-protocol API Discovery continuously analyzes the real traffic requests and builds the API inventory... #### Exploring Your APIs - [API Inventory](https://docs.wallarm.com/api-discovery/exploring/): As soon as the API Discovery module has built the catalog of your endpoints (your API inventory), you can explore it... - [Dashboard](https://docs.wallarm.com/api-discovery/dashboard/) - [Track API Changes](https://docs.wallarm.com/api-discovery/track-changes/): If changes occur in your API, API Discovery updates the built API inventory, highlights the changes and gives you... #### Risk Analysis - [Risk Score](https://docs.wallarm.com/api-discovery/risk-score/): The risk score is made up of various factors, each having its own weight when calculating the final risk score. By... - [Rogue APIs (Shadow/Zombie)](https://docs.wallarm.com/api-discovery/rogue-api/): The API Discovery module can detect rogue APIs by comparing live traffic against your uploaded OpenAPI... - [Sensitive Business Flows](https://docs.wallarm.com/api-discovery/sbf/): With the sensitive business flow capability, Wallarm's API Discovery can automatically identify endpoints that are... - [Sensitive Data Detection](https://docs.wallarm.com/api-discovery/sensitive-data/): API Discovery detects and highlights sensitive data consumed and carried by your APIs, which allows applying... - [Setup & Configuration](https://docs.wallarm.com/api-discovery/setup/): This article describes how to enable and configure Wallarm's API Discovery. ### API Protection - [Overview](https://docs.wallarm.com/about-wallarm/api-protection-overview/): Wallarm's API Protection is an advanced set of API and AI protection capabilities. While basic cloud-native WAAP... - [Best Practices](https://docs.wallarm.com/quickstart/attack-prevention-best-practices/): This article will show you how to use Wallarm, a unique platform that is like having two guards in one, for attack... #### API Session Security - [Overview](https://docs.wallarm.com/api-sessions/overview/): Wallarm API Sessions provide deep visibility into user actions within your APIs. Instead of analyzing individual... - [Setup](https://docs.wallarm.com/api-sessions/setup/): API Sessions require NGINX Wallarm node 5.1.0 or Native Wallarm Node 0.8.0. - [Exploring Sessions](https://docs.wallarm.com/api-sessions/exploring/): As soon as Wallarm's API Sessions identified user sessions related to your applications, you can explore them in the... - [Session Blocking](https://docs.wallarm.com/api-sessions/blocking/): As Wallarm's API Sessions aim to provide full visibility into sessions within your traffic, this visibility includes... - [Business Logic Abuse](https://docs.wallarm.com/api-protection/business-logic-abuse-detection/): Wallarm utilizes LLM-based analysis to detect the attempts to abuse a business logic of your applications and block... #### API-Specific Protection - [BOLA Protection](https://docs.wallarm.com/admin-en/configuration-guides/protecting-against-bola-trigger/): Behavioral attacks such as Broken Object Level Authorization (BOLA) exploit the vulnerability of the same name. This... - [Enumeration Attack Protection](https://docs.wallarm.com/api-protection/enumeration-attack-protection/): Wallarm allows protecting your APIs from the enumeration attacks preventing the reveal of information highly... - [GraphQL Protection](https://docs.wallarm.com/api-protection/graphql-rule/): Wallarm detects regular attacks (SQLi, RCE, etc.) in GraphQL by default even under the basic WAAP subscription plan.... - [File Upload Restriction](https://docs.wallarm.com/api-protection/file-upload-restriction/): The unrestricted resource consumption is included in the OWASP API Top 10 2023 list of most serious API security... - [Custom Request Anomaly](https://docs.wallarm.com/api-protection/custom-request-anomaly/): Wallarm can utilize LLM-based analysis to semantically detect any custom anomalies in different points of requests.... #### Bot Management - [Overview](https://docs.wallarm.com/api-abuse-prevention/overview/): The API Abuse Prevention module of the Wallarm platform delivers detection and mitigation of bots performing API... - [Setup](https://docs.wallarm.com/api-abuse-prevention/setup/): This article describes how to enable and configure the API Abuse Prevention module to detect and mitigate malicious... - [Exploring Detected Bots](https://docs.wallarm.com/api-abuse-prevention/exploring-bots/): API Abuse Prevention conveniently visualizes the data on bot activities for the last 30 days at the API Abuse... - [Exceptions](https://docs.wallarm.com/api-abuse-prevention/exceptions/): This article describes how to fine tune API Abuse Prevention by marking legitimate bots and disabling bot protection... #### API Spec Enforcement - [Overview](https://docs.wallarm.com/api-specification-enforcement/overview/): The API Specification Enforcement is designed to apply security policies to your APIs basing on your uploaded... - [Setup](https://docs.wallarm.com/api-specification-enforcement/setup/): This article describes how to enable and configure your API protection based on your uploaded API specification. - [Viewing Events](https://docs.wallarm.com/api-specification-enforcement/viewing-events/): As soon as you uploaded your API specification to be used for applying specification-based security policies and... #### Credential Protection - [Credential Stuffing Detection](https://docs.wallarm.com/about-wallarm/credential-stuffing/): A credential stuffing attack is hazardous because of the common practice of reusing identical usernames and... #### Threat Protection (WAAP) - [WAAP Overview](https://docs.wallarm.com/about-wallarm/waap-overview/): Wallarm Cloud-Native WAAP (Web Application & API Protection) provides advanced protection for applications and APIs... - [Attack Detection & Handling](https://docs.wallarm.com/about-wallarm/protecting-against-attacks/): The Wallarm platform continuously analyzes API traffic and mitigates malicious requests in real-time. From this... - [Brute Force Protection](https://docs.wallarm.com/admin-en/configuration-guides/protecting-against-bruteforce/): A brute force attack is one of the attack types not detected by Wallarm out-of-the-box, its detection should be... - [Forced Browsing Protection](https://docs.wallarm.com/admin-en/configuration-guides/protecting-against-forcedbrowsing/): A forced browsing attack is one of the attack types not detected by Wallarm out-of-the-box, its detection should be... - [Multi-Attack Thresholds](https://docs.wallarm.com/admin-en/configuration-guides/protecting-with-thresholds/): When Wallarm is in blocking mode, it automatically blocks all requests with malicious payloads, letting only... - [DoS Protection](https://docs.wallarm.com/api-protection/dos-protection/): The unrestricted resource consumption is included in the OWASP API Top 10 2023 list of most serious API security... - [DDoS Protection](https://docs.wallarm.com/admin-en/configuration-guides/protecting-against-ddos/): A DDoS (Distributed Denial of Service) attack is a type of cyber attack in which an attacker seeks to make a website... - [IP Filtering](https://docs.wallarm.com/user-guides/ip-lists/overview/): In the IP & Session Lists → IP lists section of Wallarm Console, you can control access to your applications by... - [Filtration Mode](https://docs.wallarm.com/admin-en/configure-wallarm-mode/): Filtration mode defines the filtering node behavior when processing incoming requests. These instructions describe... #### Mitigation Controls - [Overview](https://docs.wallarm.com/about-wallarm/mitigation-controls-overview/): Mitigation controls extend Wallarm's attack protection with additional security measures and allow fine-tuning of... #### Rules & Policies - [Overview](https://docs.wallarm.com/user-guides/rules/rules/): Rules are used to fine-tune the default Wallarm behavior during the analysis of requests and their further... - [Rate Limiting](https://docs.wallarm.com/user-guides/rules/rate-limiting/): The unrestricted resource consumption is included in the OWASP API Top 10 2023 list of most serious API security... - [Virtual Patching](https://docs.wallarm.com/user-guides/rules/vpatch-rule/): In cases when it is impossible to fix a critical vulnerability in the code of your application or install the... - [Custom Regex Rules](https://docs.wallarm.com/user-guides/rules/regex-rule/): Wallarm provides the Create regexp-based attack indicator rule to define your own attack signs that are described... - [Sensitive Data Masking](https://docs.wallarm.com/user-guides/rules/sensitive-data-rule/): Wallarm provides the Mask sensitive data rules to configure data masking for sensitive data not to leak outside the... - [Request Processing](https://docs.wallarm.com/user-guides/rules/request-processing/): When analyzing requests, Wallarm filtering node uses a comprehensive set of parsers. After identifying the request... - [Response Headers](https://docs.wallarm.com/user-guides/rules/add-replace-response-header/): The Change server response headers rule allows adding, deleting server response headers and changing its values. - [Overlimit Detection](https://docs.wallarm.com/user-guides/rules/configure-overlimit-res-detection/): The Wallarm node spends limited time on a single incoming request processing and if the time limit is exceeded,... ### API Security Testing - [Security Testing Overview](https://docs.wallarm.com/vulnerability-detection/security-testing-overview/): Wallarm's Security Testing suite is a comprehensive platform designed to secure APIs throughout the software... #### Threat Replay Testing - [Overview](https://docs.wallarm.com/vulnerability-detection/threat-replay-testing/overview/): By replaying incoming real-world attacks as unharmful security tests, Wallarm's Threat Replay Testing addresses the... - [Setup](https://docs.wallarm.com/vulnerability-detection/threat-replay-testing/setup/): This article describes how to enable and configure Wallarm's Threat Replay Testing. - [Exploring Results](https://docs.wallarm.com/vulnerability-detection/threat-replay-testing/exploring/): Once Threat Replay Testing is enabled and configured, you can explore the performed tests and their results as... #### Schema-Based Testing - [Overview](https://docs.wallarm.com/vulnerability-detection/schema-based-testing/overview/): Wallarm's Schema-Based Testing is a dynamic application security testing (DAST) solution that enables "shift-left"... - [Setup](https://docs.wallarm.com/vulnerability-detection/schema-based-testing/setup/): This article describes how to enable and configure Wallarm's Schema-Based Testing. - [Exploring Results](https://docs.wallarm.com/vulnerability-detection/schema-based-testing/explore/): Once Schema-Based Testing is enabled and tests are run, you can explore the test run results as described in this... #### API Security Testing via Postman - [Overview](https://docs.wallarm.com/vulnerability-detection/api-security-testing-via-postman/overview/): Run safe, passive security tests on your Postman collections to detect authentication gaps, data leaks, and... - [Setup](https://docs.wallarm.com/vulnerability-detection/api-security-testing-via-postman/setup/): This article describes how to enable and configure API Security Testing via Postman. - [Exploring Results](https://docs.wallarm.com/vulnerability-detection/api-security-testing-via-postman/exploring/): You can view API Security Testing results in two ways: mainly in Postman's AI Mode (recommended), or in Wallarm... #### API Attack Surface (AASM) - [Overview](https://docs.wallarm.com/api-attack-surface/overview/): Wallarm's API Attack Surface Management (AASM) is an agentless detection solution tailored to the API ecosystem,... - [Setup](https://docs.wallarm.com/api-attack-surface/setup/): This article describes how to enable and configure API Attack Surface Management to discover your external hosts... - [API Surface Discovery](https://docs.wallarm.com/api-attack-surface/api-surface/): The API Attack Surface Discovery (AASD) component of the Wallarm's API Attack Surface Management scans your selected... - [Security Issues](https://docs.wallarm.com/api-attack-surface/security-issues/): Once API Attack Surface Discovery finds the external hosts of your selected domains, Wallarm checks if these hosts... - [Detecting Vulnerabilities](https://docs.wallarm.com/about-wallarm/detecting-vulnerabilities/): Due to negligence or inadequate information when building or implementing an application, it can be vulnerable to... ### AI Security - [Overview](https://docs.wallarm.com/agentic-ai/overview/): As AI agents and large language models (LLMs) become integrated into enterprise applications, they introduce new... #### AI Discovery - [AI Agent Discovery](https://docs.wallarm.com/agentic-ai/agentic-ai-discovery/): Wallarm's API Discovery automatically identifies your APIs that are related to ML models, neural networks, chatbots... #### AI Protection - [AI Agent Protection](https://docs.wallarm.com/agentic-ai/agentic-ai-protection/): Wallarm provides API-first security for AI systems by protecting AI agents, AI proxies, and APIs with AI features by... - [AI Payload Inspection](https://docs.wallarm.com/agentic-ai/ai-payload-inspection/): Wallarm utilizes LLM-based analysis to detect the attempts to exploit an AI agent’s logic to leak system secrets,... - [Rogue MCP Inspection](https://docs.wallarm.com/agentic-ai/rogue-mcp-inspection/): Wallarm allows you to audit every installed local MCP server to expose supply-chain risks, excessive privileges, and... ### Deployment - [All Deployment Options](https://docs.wallarm.com/installation/supported-deployment-options/) #### Security Edge - [Overview](https://docs.wallarm.com/installation/security-edge/overview/): Security Edge is Wallarm's managed deployment option allowing you to protect your APIs and applications without... - [Free Tier](https://docs.wallarm.com/installation/security-edge/free-tier/): The Free Tier of Security Edge lets you evaluate the Wallarm platform and protect up to 500,000 requests per month -... - **Inline** - [Overview](https://docs.wallarm.com/installation/security-edge/inline/overview/): The Security Edge platform provides a managed service for deploying Wallarm Nodes across geographically distributed... - [Deployment Guide](https://docs.wallarm.com/installation/security-edge/inline/deployment/): To deploy the Wallarm Security Edge for inline traffic analysis, follow this guide. - [Access Control Lists](https://docs.wallarm.com/installation/security-edge/inline/access-control-lists/): An access control list (ACL) is a set of rules that defines which IP addresses can access specific hosts and... - [Cache Rules](https://docs.wallarm.com/installation/security-edge/inline/cache-rules/): Cache rules are settings that define how the Security Edge Inline node stores and reuses responses from specific... - [Custom Block Page](https://docs.wallarm.com/installation/security-edge/inline/custom-block-page/): When the Security Edge Inline Node blocks a malicious request, it returns a block page along with an HTTP 403... - [Host Redirection](https://docs.wallarm.com/installation/security-edge/inline/host-redirection/): Wallarm Security Edge Inline provides a host redirection feature to help you unify traffic entry points. - [mTLS Configuration](https://docs.wallarm.com/installation/security-edge/inline/mtls/): Mutual TLS (mTLS) allows the Wallarm Edge Node to authenticate itself to your origin servers using a client... - [Multi-Region](https://docs.wallarm.com/installation/security-edge/inline/multi-region/): You can deploy the inline Edge Nodes across multiple regions and cloud providers to achieve geo‑redundancy and low... - [NGINX Overrides](https://docs.wallarm.com/installation/security-edge/inline/nginx-overrides/): Security Edge Inline supports overriding NGINX directives at the host (server) and location levels. These overrides... - [Upgrade & Management](https://docs.wallarm.com/installation/security-edge/inline/upgrade-and-management/): Manage the Security Edge Inline deployment from the Wallarm Console by updating configuration settings, upgrading... - **Telemetry Portal** - [Overview](https://docs.wallarm.com/installation/security-edge/inline/telemetry-portal/): The telemetry portal for Security Edge Inline provides Grafana dashboards with real-time insights into metrics on... - [Main Dashboard](https://docs.wallarm.com/installation/security-edge/inline/telemetry-portal-main-dashboard/): This article describes one of the two dashboards in the Security Edge Inline telemetry portal, called Portal Inline... - [Logs Dashboard](https://docs.wallarm.com/installation/security-edge/inline/telemetry-portal-logs-dashboard/): This article describes one of the two dashboards in the Security Edge Inline telemetry portal, called Portal Inline... - [Connectors](https://docs.wallarm.com/installation/security-edge/se-connector/): The Security Edge platform provides a managed service for deploying Wallarm Nodes across geographically distributed... #### Kubernetes - [Istio](https://docs.wallarm.com/installation/connectors/istio/): This guide describes how to secure your APIs managed by Istio using the Wallarm Connector for Istio Ingress. - [Gloo Gateway](https://docs.wallarm.com/installation/connectors/gloo/): This guide describes how to secure your APIs managed by Gloo Gateway (Gloo Edge API) using the Wallarm Connector... - **NGINX Ingress Controller** - [Deployment](https://docs.wallarm.com/admin-en/installation-kubernetes-en/): These instructions provide you with the steps to deploy the Wallarm NGINX-based Ingress controller to your K8s... - [Configuration Options](https://docs.wallarm.com/admin-en/configure-kubernetes-en/): This page describes the Helm chart configuration options for the Wallarm Ingress Controller based on F5 NGINX... - [High Availability](https://docs.wallarm.com/admin-en/configuration-guides/wallarm-ingress-controller/best-practices/high-availability-considerations/): This article provides configuration recommendations for the Wallarm Ingress controller to be highly available and... - [Monitoring](https://docs.wallarm.com/admin-en/configuration-guides/wallarm-ingress-controller/best-practices/ingress-controller-monitoring/): The general aspects of NGINX Ingress controller monitoring are already well covered on the Internet. Wallarm... - [Real Client IP](https://docs.wallarm.com/admin-en/configuration-guides/wallarm-ingress-controller/best-practices/report-public-user-ip/): These instructions describe the Wallarm Ingress controller configuration required to identify an originating IP... - [Chaining Ingress Controllers](https://docs.wallarm.com/admin-en/chaining-wallarm-and-other-ingress-controllers/): These instructions provide you with the steps to deploy the Wallarm Ingress controller to your K8s cluster and chain... - [Kong Ingress Controller](https://docs.wallarm.com/installation/connectors/kong-ingress-controller/): To secure APIs managed by Kong Ingress Controller, Wallarm provides a connector that integrates seamlessly into your... - **Helm Chart for Native Node** - [Deployment](https://docs.wallarm.com/installation/native-node/helm-chart/): The Wallarm Native Node, which operates independently of NGINX, is designed for deployment with some connectors. You... - [Configuration](https://docs.wallarm.com/installation/native-node/helm-chart-conf/): When deploying the self-hosted Wallarm Native Node using the Helm chart, configuration is specified in the... - **Sidecar Proxy** - [Deployment](https://docs.wallarm.com/installation/kubernetes/sidecar-proxy/deployment/): To secure an application deployed as a Pod in a Kubernetes cluster, you can run the NGINX-based Wallarm node in... - [Helm Chart](https://docs.wallarm.com/installation/kubernetes/sidecar-proxy/helm-chart-for-wallarm/): This document describes Wallarm-specific Helm chart values you can change during Wallarm Sidecar deployment or... - [Customization](https://docs.wallarm.com/installation/kubernetes/sidecar-proxy/customization/): This article instructs you on safe and effective customization of the Wallarm Kubernetes Sidecar solution providing... - [Pod Annotations](https://docs.wallarm.com/installation/kubernetes/sidecar-proxy/pod-annotations/): The Wallarm Sidecar solution can be configured via annotations on the per-pod's basis. The list of annotations... - [Scaling](https://docs.wallarm.com/installation/kubernetes/sidecar-proxy/scaling/): This guide focuses on the nuances of scaling, High Availability (HA), and the correct allocation of resources for... - **eBPF (Out-of-Band)** - [Deployment](https://docs.wallarm.com/installation/oob/ebpf/deployment/): !!! info "Beta" - [Helm Chart](https://docs.wallarm.com/installation/oob/ebpf/helm-chart-for-wallarm/): This document provides information about Wallarm-specific Helm chart values that can be modified during the... - [Selecting Packets](https://docs.wallarm.com/installation/oob/ebpf/selecting-packets/): The Wallarm eBPF solution operates on a traffic mirror and provides control over the traffic mirror scope. It allows... #### Cloud Platforms - **AWS** - [AMI for NGINX Node](https://docs.wallarm.com/installation/cloud-platforms/aws/ami/) - [AMI for Native Node](https://docs.wallarm.com/installation/native-node/aws-ami/): The Wallarm Native Node, which operates independently of NGINX, is designed for Wallarm connector self-hosted... - [Docker on ECS](https://docs.wallarm.com/installation/cloud-platforms/aws/docker-container/): This quick guide provides the steps to deploy the Docker image of the NGINX-based Wallarm node to the Amazon cloud... - **Terraform Module** - [Overview](https://docs.wallarm.com/installation/cloud-platforms/aws/terraform-module/overview/): Wallarm provides the Terraform module to deploy the node to AWS from the Terraform-compatible environment. Use these... - [Terraform for VPC](https://docs.wallarm.com/installation/cloud-platforms/aws/terraform-module/proxy-in-aws-vpc/): This example demonstrates how to deploy Wallarm as an inline proxy to an existing AWS Virtual Private Cloud (VPC)... - [Terraform for API Gateway](https://docs.wallarm.com/installation/cloud-platforms/aws/terraform-module/proxy-for-aws-api-gateway/): This example demonstrates how to protect Amazon API Gateway with Wallarm deployed as an inline proxy to AWS Virtual... - [AWS WAF Integration](https://docs.wallarm.com/installation/cloud-platforms/aws/aws-waf-integration/): In modern cloud architectures, a layered security approach is essential to protect both the perimeter and the... - [Cost Estimation](https://docs.wallarm.com/installation/cloud-platforms/aws/costs/): This page outlines the typical AWS infrastructure costs associated with deploying Wallarm NGINX Nodes using... - **Autoscaling** - [Overview](https://docs.wallarm.com/admin-en/installation-guides/amazon-cloud/autoscaling-overview/): You can set up Wallarm filtering node auto scaling to make sure that filtering nodes are capable of handling traffic... - [Create AMI Image](https://docs.wallarm.com/admin-en/installation-guides/amazon-cloud/create-image/): You can set up auto scaling for the Wallarm filtering nodes deployed on the Amazon cloud. This function requires... - [Autoscaling Group Setup](https://docs.wallarm.com/admin-en/installation-guides/amazon-cloud/autoscaling-group-guide/): !!! info "Required rights" - [Load Balancing](https://docs.wallarm.com/admin-en/installation-guides/amazon-cloud/load-balancing-guide/): Now, once you have a [configured][link-doc-asg-guide] filtering node Auto Scaling Group, you need to create and... - **GCP** - [Machine Image for NGINX Node](https://docs.wallarm.com/installation/cloud-platforms/gcp/machine-image/) - [Docker on GCE](https://docs.wallarm.com/installation/cloud-platforms/gcp/docker-container/): This quick guide provides the steps to deploy the Docker image of the NGINX-based Wallarm node to the Google Cloud... - **Autoscaling** - [Overview](https://docs.wallarm.com/admin-en/installation-guides/google-cloud/autoscaling-overview/): You can set up Wallarm filtering node auto scaling on the Google Cloud Platform (GCP) to make sure that filtering... - [Create GCP Image](https://docs.wallarm.com/admin-en/installation-guides/google-cloud/create-image/): To set up auto scaling of the Wallarm filtering nodes deployed on the Google Cloud Platform (GCP) you first need... - [Instance Template](https://docs.wallarm.com/admin-en/installation-guides/google-cloud/creating-instance-template/): A filtering node instance template will be used later as the base when creating a managed instance group. To create... - [Autoscaling Group](https://docs.wallarm.com/admin-en/installation-guides/google-cloud/creating-autoscaling-group/): To create a managed instance group and configure its auto scaling, perform the following steps: - [Load Balancing](https://docs.wallarm.com/admin-en/installation-guides/google-cloud/load-balancing-guide/): Now that you have a [configured][link-doc-asg-guide] managed instance group with enabled auto scaling, you need to... - **Azure** - [Container Instances](https://docs.wallarm.com/installation/cloud-platforms/azure/docker-container/): This quick guide provides the steps to deploy the Docker image of the NGINX-based Wallarm node to the Microsoft... - **Alibaba Cloud** - [Docker on ECS](https://docs.wallarm.com/installation/cloud-platforms/alibaba-cloud/docker-container/): This quick guide provides the steps to deploy the Docker image of the NGINX-based Wallarm node to the Alibaba Cloud... - [Heroku](https://docs.wallarm.com/installation/heroku/docker-image/): Wallarm can protect web applications and APIs deployed on the Heroku cloud platform. This guide walks you through... - [Private Cloud](https://docs.wallarm.com/installation/cloud-platforms/private-cloud/): Private clouds are cloud environments deployed solely to a single organization or entity, providing exclusive use... - [Cloud-Init Script](https://docs.wallarm.com/installation/cloud-platforms/cloud-init/): If following the Infrastructure as Code (IaC) approach, you may need to use the `cloud-init` script to deploy the... #### API Gateways - [AWS API Gateway](https://docs.wallarm.com/installation/connectors/aws-api-gateway/): The Wallarm Connector for Amazon API Gateway automatically builds an [API inventory][api-inventory] from real... - [Broadcom Layer7](https://docs.wallarm.com/installation/connectors/layer7-api-gateway/): Broadcom's Layer7 API Gateways provide a robust solution for controlling and securing an organization's API traffic.... - [Kong API Gateway](https://docs.wallarm.com/installation/connectors/standalone-kong-api-gateway/): To secure APIs managed by a standalone Kong API Gateway, Wallarm provides a connector implemented as a Lua plugin. #### CDN - [Akamai EdgeWorkers](https://docs.wallarm.com/installation/connectors/akamai-edgeworkers/): For customers delivering their APIs through Akamai CDN properties, Wallarm provides a dedicated EdgeWorker code... - [CloudFront](https://docs.wallarm.com/installation/connectors/aws-lambda/): To use Wallarm as a connector for CloudFront, you need to deploy the Wallarm node externally and run... - [Azion Edge](https://docs.wallarm.com/installation/connectors/azion-edge/): The solution involves deploying the Wallarm node externally and injecting custom code or policies into the specific... - [Cloudflare](https://docs.wallarm.com/installation/connectors/cloudflare/): To use Wallarm as a connector for Cloudflare, you need to deploy the Wallarm Node externally and run a Cloudflare... - [Fastly](https://docs.wallarm.com/installation/connectors/fastly/): To use Wallarm as a Fastly connector, you need to deploy the Wallarm Node externally and run a Fastly Compute... #### API Management Platform - **Mulesoft** - [Flex Gateway](https://docs.wallarm.com/installation/connectors/mulesoft-flex/): This guide describes how to secure your Mule and non-Mule APIs managed by MuleSoft Flex Gateway using the Wallarm... - [Mule Gateway](https://docs.wallarm.com/installation/connectors/mulesoft/): This guide describes how to secure your Mule APIs managed by Mule Gateway using the Wallarm connector. - [Azure API Management](https://docs.wallarm.com/installation/connectors/azure-api-management/): This guide describes how to secure your APIs managed by Azure API Management (APIM) using the Wallarm connector. - [Apigee](https://docs.wallarm.com/installation/connectors/apigee/): This guide describes how to secure your APIs managed by Apigee API Management (APIM) using the Wallarm connector. - [IBM API Connect](https://docs.wallarm.com/installation/connectors/ibm-api-connect/): To integrate Wallarm with IBM API Connect, deploy a Wallarm node externally and configure IBM API Gateway to proxy... #### TCP Traffic Mirror - [Deployment](https://docs.wallarm.com/installation/oob/tcp-traffic-mirror/deployment/): Wallarm provides an artifact for deploying its filtering node, specifically designed for TCP traffic mirror... #### Packages & Containers - **Linux OS** - [All-in-one installer for NGINX Node](https://docs.wallarm.com/installation/nginx/all-in-one/) - [All-in-one installer for Native Node](https://docs.wallarm.com/installation/native-node/all-in-one/): The Wallarm Native Node, which operates independently of NGINX, is designed for Wallarm connector self-hosted... - **Docker** - [Image for NGINX Node](https://docs.wallarm.com/admin-en/installation-docker-en/): The Wallarm NGINX-based filtering node can be deployed using a Docker image. This node supports both x8664 and ARM64... - [Image for Native Node](https://docs.wallarm.com/installation/native-node/docker-image/): The Wallarm Native Node, which operates independently of NGINX, is designed for deployment with some connectors. You... - [NGINX Node Configuration](https://docs.wallarm.com/admin-en/configure-parameters-en/): Learn fine-tuning options available for the self-hosted Wallarm NGINX node to get the most out of the Wallarm solution. - [Native Node Configuration](https://docs.wallarm.com/installation/native-node/all-in-one-conf/): When deploying the self-hosted Wallarm Native Node using the all-in-one installer, Docker image or AWS AMI, you... #### Special Setups - **Multi-Tenant Node** - [Overview](https://docs.wallarm.com/installation/multi-tenant/overview/): The multitenancy feature allows using Wallarm to protect several independent company infrastructures or isolated... - [Configure Accounts](https://docs.wallarm.com/installation/multi-tenant/configure-accounts/): These instructions provide you with the steps for the correct configuration of tenant accounts. - [Deploy Multi-Tenant Node](https://docs.wallarm.com/installation/multi-tenant/deploy-multi-tenant-node/): The multi-tenant node protects several independent company infrastructures or isolated environments simultaneously. - [Separate Postanalytics Module](https://docs.wallarm.com/admin-en/installation-postanalytics-en/): In Wallarm's request processing, two stages are involved, including the postanalytics stage for statistical request... - [Custom NGINX Version](https://docs.wallarm.com/installation/custom/custom-nginx-version/): If you require Wallarm for an NGINX version that is different from the versions supported by all-in-one... - [Request Custom Deployment Option](https://docs.wallarm.com/installation/custom/request-custom-deployment/): If you are interested in custom deployment options that are not listed on our supported option list, we are happy to... #### Related Documentation - [Inline Traffic Flow](https://docs.wallarm.com/installation/inline/overview/): Wallarm can be deployed in-line to mitigate threats in real-time. In this case, traffic to protected APIs passes... - [Out-of-band Traffic Flow](https://docs.wallarm.com/installation/oob/overview/): Wallarm can be deployed as a self-hosted Out-of-Band (OOB) security solution inspecting requests via a mirror of the... - [NGINX and Native Node Overview](https://docs.wallarm.com/installation/nginx-native-node-internals/): The Wallarm Node is the core component of the Wallarm platform, responsible for filtering and analyzing traffic. You... - [Connector Overview](https://docs.wallarm.com/installation/connectors/overview/): API deployment can be done in various ways, including utilizing external tools such as Azion Edge, Akamai Edge,... ### Maintenance - [Overview](https://docs.wallarm.com/maintenance/overview/): This section provides comprehensive guidance on maintaining, monitoring, and upgrading your Wallarm deployment to... #### Nodes & Infrastructure - [Node Overview](https://docs.wallarm.com/user-guides/nodes/nodes/): The Nodes section of the Wallarm Console allows you to manage self-hosted nodes (Security Edge nodes are managed... - [Resource Allocation](https://docs.wallarm.com/admin-en/configuration-guides/allocate-resources-for-node/): The amount of memory and CPU resources allocated for the Wallarm NGINX node determines the quality and speed of... - [Control over Export to Cloud](https://docs.wallarm.com/admin-en/export-to-cloud/): You can have full visibility and control on which data is exported from Wallarm node to Cloud. This article... - [Cloud Synchronization](https://docs.wallarm.com/admin-en/configure-cloud-node-synchronization-en/): The filtering node regularly synchronizes with the Wallarm Cloud to: - [Proxy Configuration](https://docs.wallarm.com/admin-en/configuration-guides/access-to-wallarm-api-via-proxy/): These instructions describe the steps to configure access to Wallarm API via the proxy server. - [Block Page Configuration](https://docs.wallarm.com/admin-en/configuration-guides/configure-block-page-and-code/): These instructions describe the method to customize the blocking page and error code returned in the response to... - [Handling Invalid Headers](https://docs.wallarm.com/admin-en/configuration-guides/handling-invalid-headers/): By default, NGINX drops headers it considers invalid, such as those with `.` or `` in their names. This prevents... - [JA3 Fingerprinting](https://docs.wallarm.com/admin-en/enabling-ja3/): This article describes how to enable JA3 fingerprinting for the most popular software such as NGINX and... - [Terraform Provider](https://docs.wallarm.com/admin-en/managing/terraform-provider/): If you use Terraform to manage your infrastructures, that may be a comfortable option for you to use it for managing... #### Monitoring & Metrics - **NGINX Node Metrics** - [Overview](https://docs.wallarm.com/admin-en/nginx-node-metrics/): The [NGINX Node][nginx-node-landing] exposes metrics in the Prometheus format, which you can use to monitor its... - [Postanalytics Metrics](https://docs.wallarm.com/admin-en/wstore-metrics/): This article describes the Postanalytics module and the service runtime metrics of the NGINX Node to help monitor... - [wcli Controller Metrics](https://docs.wallarm.com/admin-en/wcli-metrics/): This article describes the metrics of the wcli Controller of the NGINX Node to help monitor and troubleshoot the... - [API Firewall Metrics](https://docs.wallarm.com/admin-en/apifw-metrics/): This article describes the API Firewall metrics of the NGINX Node. The API Firewall provides the core functionality... - **Native Node Metrics** - [Overview](https://docs.wallarm.com/admin-en/native-node-metrics/): The [Native Node][nginx-node-landing] exposes metrics in the Prometheus format, which you can use to monitor its... - [Postanalytics Metrics](https://docs.wallarm.com/admin-en/native-node-metrics-wstore/): This article describes the Postanalytics module and the service runtime metrics of the Native Node to help monitor... - [Runtime Metrics](https://docs.wallarm.com/admin-en/native-node-metrics-gonode/): This article describes the Native Node runtime metrics to help monitor and troubleshoot the Native Node. - [Statistics Service](https://docs.wallarm.com/admin-en/configure-statistics-service/): You can obtain Wallarm NGINX or Native node statistics using the `wallarmstatus` service. This article describes how... - [Node Logging](https://docs.wallarm.com/admin-en/configure-logging/): This article guides you on how to find the log files of a Wallarm filtering node. - [Failover Configuration](https://docs.wallarm.com/admin-en/configure-backup-en/): Deploying a filter node as a reverse proxy requires that the filter node is highly available. The filter node... - [Health Check](https://docs.wallarm.com/admin-en/uat-checklist-en/): This document provides you with a checklist to ensure Wallarm operates correctly after a new filtering node... #### Upgrades & Migration - [Versioning Policy](https://docs.wallarm.com/updating-migrating/versioning-policy/): This document details Wallarm's versioning policy for self-hosted NGINX-based and Native Nodes and Edge Nodes, which... - [General Recommendations](https://docs.wallarm.com/updating-migrating/general-recommendations/): This document describes recommendations and associated risks for a safe upgrade of Wallarm Nodes. - [What's New](https://docs.wallarm.com/updating-migrating/what-is-new/): Wallarm Node 7.x introduces a new deployment artifact for Kubernetes environments — the Wallarm Ingress Controller... - [NGINX Node Changelog](https://docs.wallarm.com/updating-migrating/node-artifact-versions/): This document lists available versions of the NGINX Wallarm Node 6.x in various form factors, helping you track... - [Native Node Changelog](https://docs.wallarm.com/updating-migrating/native-node/node-artifact-versions/): This document lists available versions of the Native Wallarm Node 0.14.x+ in various form factors, helping you track... - **NGINX Node Upgrade Instructions** - [DEB/RPM Packages](https://docs.wallarm.com/updating-migrating/nginx-modules/): These instructions describe the steps to upgrade the Wallarm NGINX modules 4.x installed from the individual... - [Postanalytics Module](https://docs.wallarm.com/updating-migrating/separate-postanalytics/): These instructions describe the steps to upgrade the postanalytics module installed on a separate server up to the... - [All-in-One Installer](https://docs.wallarm.com/updating-migrating/all-in-one/): These instructions describe the steps to upgrade the Wallarm node installed using all‑in‑one installer to the latest... - [Docker Image](https://docs.wallarm.com/updating-migrating/docker-container/): These instructions describe the steps to upgrade the running Docker NGINX-based image to the latest version 6.x. - [Ingress Controller](https://docs.wallarm.com/updating-migrating/ingress-controller/): This topic explains why and how to migrate from the Wallarm Ingress Controller based on the [Community Ingress... - [Ingress Controller Retirement](https://docs.wallarm.com/updating-migrating/nginx-ingress-retirement/): In November 2025, the Kubernetes community announced the retirement of the Community Ingress NGINX project, with... - [Sidecar Proxy](https://docs.wallarm.com/updating-migrating/sidecar-proxy/): These instructions describe the steps to upgrade Wallarm Sidecar solution up to the latest 6.x version. - [Cloud Image](https://docs.wallarm.com/updating-migrating/cloud-image/): These instructions describe the steps to upgrade the cloud node image deployed on AWS or GCP up to the latest 6.x. - [Multi-Tenant Node](https://docs.wallarm.com/updating-migrating/multi-tenant/): These instructions describe the steps to upgrade the multi-tenant node up to the latest 6.x. - **Native Node Upgrade Instructions** - [All-in-One Installer](https://docs.wallarm.com/updating-migrating/native-node/all-in-one/): These instructions describe the steps to upgrade the Native Node installed using all-in-one installer. - [Helm Chart](https://docs.wallarm.com/updating-migrating/native-node/helm-chart/): These instructions describe the steps to upgrade the Native Node deployed using Helm chart. - [Docker Image](https://docs.wallarm.com/updating-migrating/native-node/docker-image/): These instructions describe the steps to upgrade the Native Node deployed from the Docker image. - [Connector's Code Bundle Release Notes](https://docs.wallarm.com/installation/connectors/code-bundle-inventory/): This document lists the versions of connector code bundles that work with the Native Node (MuleSoft, Cloudflare, etc.). - **EOL Node Upgrades (3.6 and lower)** - [What's New](https://docs.wallarm.com/updating-migrating/older-versions/what-is-new/): This page lists the changes available when upgrading the node of the deprecated version (3.6 and lower) up to... - [NGINX Modules](https://docs.wallarm.com/updating-migrating/older-versions/nginx-modules/): These instructions describe the steps to upgrade the end‑of‑life Wallarm NGINX modules (version 3.6 and lower) to... - [Postanalytics](https://docs.wallarm.com/updating-migrating/older-versions/separate-postanalytics/): These instructions describe the steps to upgrade the end‑of‑life postanalytics module (version 3.6 and lower)... - [Docker Image](https://docs.wallarm.com/updating-migrating/older-versions/docker-container/): These instructions describe the steps to upgrade the running end‑of‑life Docker NGINX-based image (version 3.6 and... - [Ingress Controller](https://docs.wallarm.com/updating-migrating/older-versions/ingress-controller/): These instructions describe the steps to upgrade deployed end‑of‑life Wallarm Ingress Controller (version 3.6 and... - [Cloud Image](https://docs.wallarm.com/updating-migrating/older-versions/cloud-image/): These instructions describe the steps to upgrade the end‑of‑life cloud node image (version 3.6 and lower) deployed... - [Multi-Tenant](https://docs.wallarm.com/updating-migrating/older-versions/multi-tenant/): These instructions describe the steps to upgrade the end‑of‑life multi-tenant node (version 3.6 and lower) up to the... - [Migrate IP Lists](https://docs.wallarm.com/updating-migrating/migrate-ip-lists-to-node-3/): Starting with Wallarm node 3.x, the method of IP address allowlist and denylist configuration has been changed. This... #### Operations - [Learning Request Volume](https://docs.wallarm.com/admin-en/operation/learn-incoming-request-number/): Wallarm's primary licensing/billing methods are based on the level of requests served by Wallarm filtering nodes... - [Scanner IP Addresses](https://docs.wallarm.com/admin-en/scanner-addresses/): This document provides the lists of IP addresses for US and EU Clouds from which Wallarm scans company resources for... #### Troubleshooting - [Overview](https://docs.wallarm.com/troubleshooting/overview/): This section describes most common troubleshooting cases related to Wallarm, providing you with solutions to... - [Detection and Blocking](https://docs.wallarm.com/troubleshooting/detection-and-blocking/): If you suspect that attacks from the traffic are not uploaded to the Wallarm Cloud and, as a result, do not appear... - [Detection Tools](https://docs.wallarm.com/troubleshooting/detection-tools-tuning/): Wallarm is a set of protection tools. If they work not as expected, you can always tune them under your specific... - [Performance](https://docs.wallarm.com/troubleshooting/performance/): Recommended CPU usage by Wallarm is about 10-15%, meaning that filtering nodes will be able to handle a x10 traffic... - [Real Client IP](https://docs.wallarm.com/admin-en/using-proxy-or-balancer-en/): These instructions describe the NGINX configuration required to identify an originating IP address of a client... - [End User Problems](https://docs.wallarm.com/faq/common-errors-after-installation/): If some errors occur after NGINX Wallarm node installation, check this troubleshooting guide to address them. If you... - [Wallarm Ingress Controller](https://docs.wallarm.com/faq/ingress-installation/): This troubleshooting guide lists common issues you can face during the Wallarm NGINX-based Ingress controller... - [Wallarm Cloud is Down](https://docs.wallarm.com/faq/wallarm-cloud-down/): If the Wallarm Cloud is down, Wallarm nodes continue attack mitigation with some limitations. To learn more, use... - [OWASP Dashboard Alerts](https://docs.wallarm.com/faq/node-issues-on-owasp-dashboards/): When Wallarm nodes are not updated or face synchronization issues with the Cloud, error messages appear on the OWASP... - [NGINX Error Log](https://docs.wallarm.com/troubleshooting/wallarm-issues-in-nginx-error-log/): This article lists common NGINX error log lines related to Wallarm and describes how to fix the corresponding problems. - [Dynamic DNS in NGINX](https://docs.wallarm.com/admin-en/configure-dynamic-dns-resolution-nginx/): This article explains the difference between static and dynamic DNS resolution in NGINX and how to configure dynamic... ### Integrations - [Integrations Overview](https://docs.wallarm.com/user-guides/settings/integrations/integrations-intro/): Being your shield against the OWASP API Top 10 threats, API abuse, and automated threats, Wallarm takes your... #### Messaging & Alerts - [Email](https://docs.wallarm.com/user-guides/settings/integrations/email/): You can set additional email addresses that will be used to deliver scheduled PDF reports and instant notifications.... - [Slack](https://docs.wallarm.com/user-guides/settings/integrations/slack/): 1. Open the Integrations section. - [Microsoft Teams](https://docs.wallarm.com/user-guides/settings/integrations/microsoft-teams/): 1. Open the Integrations section. - [Telegram](https://docs.wallarm.com/user-guides/settings/integrations/telegram/): Scheduled reports can be sent on a daily, weekly, or monthly basis. Reports include detailed information about... #### Incident Management - [PagerDuty](https://docs.wallarm.com/user-guides/settings/integrations/pagerduty/): In PagerDuty UI, [set up an integration][link-pagerduty-docs] for any existing service or create a new service... - [Opsgenie](https://docs.wallarm.com/user-guides/settings/integrations/opsgenie/): In Opsgenie UI: - [Jira](https://docs.wallarm.com/user-guides/settings/integrations/jira/): !!! info "Supported versions" - [ServiceNow](https://docs.wallarm.com/user-guides/settings/integrations/servicenow/): ServiceNow is a platform to help companies manage digital workflows for enterprise operations. Your company needs an... - [InsightConnect](https://docs.wallarm.com/user-guides/settings/integrations/insightconnect/): First, generate and copy an API key as follows: #### SIEM & Analytics - [Splunk](https://docs.wallarm.com/user-guides/settings/integrations/splunk/): In Splunk UI: - [Sumo Logic](https://docs.wallarm.com/user-guides/settings/integrations/sumologic/): In Sumo Logic UI: - [Azure Monitor Logs / Microsoft Sentinel](https://docs.wallarm.com/user-guides/settings/integrations/azure-sentinel/): In the Microsoft Azure portal: - [Datadog](https://docs.wallarm.com/user-guides/settings/integrations/datadog/): 1. Open the Datadog UI → Organization Settings → API Keys and generate the API key for the integration with Wallarm. #### Log Collectors - [Fluentd](https://docs.wallarm.com/user-guides/settings/integrations/fluentd/): Wallarm sends notifications to Fluentd via webhooks in the JSON format. The set of JSON objects depends on the event... - [Logstash](https://docs.wallarm.com/user-guides/settings/integrations/logstash/): Wallarm sends notifications to Logstash via webhooks in the JSON format. The set of JSON objects depends on the... - **Integration Examples** - [IBM QRadar via Fluentd](https://docs.wallarm.com/user-guides/settings/integrations/webhook-examples/fluentd-qradar/): These instructions provide you with the example integration of Wallarm with the Fluentd data collector to further... - [IBM QRadar via Logstash](https://docs.wallarm.com/user-guides/settings/integrations/webhook-examples/logstash-qradar/): These instructions provide you with the example integration of Wallarm with the Logstash data collector to further... - [Splunk via Fluentd](https://docs.wallarm.com/user-guides/settings/integrations/webhook-examples/fluentd-splunk/): These instructions provide you with the example integration of Wallarm with the Fluentd data collector to further... - [Splunk via Logstash](https://docs.wallarm.com/user-guides/settings/integrations/webhook-examples/logstash-splunk/): These instructions provide you with the example integration of Wallarm with the Logstash data collector to further... - [ArcSight via Fluentd](https://docs.wallarm.com/user-guides/settings/integrations/webhook-examples/fluentd-arcsight-logger/): These instructions provide you with the example integration of Wallarm with the Fluentd data collector to further... - [ArcSight via Logstash](https://docs.wallarm.com/user-guides/settings/integrations/webhook-examples/logstash-arcsight-logger/): These instructions provide you with the example integration of Wallarm with the Logstash data collector to further... - [Datadog via Fluentd/Logstash](https://docs.wallarm.com/user-guides/settings/integrations/webhook-examples/fluentd-logstash-datadog/): You can set up Wallarm to send notifications of detected events to Datadog through the Fluentd or Logstash... #### Cloud Storage - [Amazon S3](https://docs.wallarm.com/user-guides/settings/integrations/amazon-s3/): Data fields for each hit: - [MinIO](https://docs.wallarm.com/user-guides/settings/integrations/minio/): Every 10 minutes, Wallarm exports data on detected hits to a MinIO S3-compatible bucket. A hit is a serialized... #### Webhooks - [Webhook Configuration](https://docs.wallarm.com/user-guides/settings/integrations/webhook/): You can set up Wallarm to send instant notifications to any system that accepts incoming webhooks via HTTPS protocol. #### DevSecOps - [Docker Image Security](https://docs.wallarm.com/integrations-devsecops/verify-docker-image-signature/): Wallarm signs and shares the public key for its Docker images, enabling you to verify their authenticity and... - [Generate SBOM](https://docs.wallarm.com/integrations-devsecops/generate-sbom-for-docker-images/): The Software Bill of Materials (SBOM) is an inventory that lists the software components and their dependencies in... ### Platform Management - [Overview](https://docs.wallarm.com/platform-management/overview/): This section covers the administration and management of the Wallarm platform, including user access, monitoring,... #### Dashboards - [Threat Prevention Dashboard](https://docs.wallarm.com/user-guides/dashboards/threat-prevention/): Review the malicious traffic characteristics for the period of time with the Threat Prevention dashboard. Get clear... - [API Discovery Dashboard](https://docs.wallarm.com/user-guides/dashboards/api-discovery/) - [OWASP API Top 10 Dashboard](https://docs.wallarm.com/user-guides/dashboards/owasp-api-top-ten/): The OWASP API Security Top 10 is a gold standard for the evaluation of security risk in APIs. To help you measure... - [Business Intelligence](https://docs.wallarm.com/user-guides/dashboards/bi-dashboards/): In Wallarm, you have the ability to build and customize your own dashboards. This allows you to collect, present,... #### Monitoring & Events - [Event Overview](https://docs.wallarm.com/user-guides/events/overview/): Wallarm's Threat Management provides full, real-time picture of your security posture and allows controlling used... - [Analyzing Attacks](https://docs.wallarm.com/user-guides/events/check-attack/): This article describes how you can analyze attacks detected by the Wallarm node and take actions regarding them. - [Analyzing Incidents](https://docs.wallarm.com/user-guides/events/check-incident/): Incidents are attacks that successfully exploited the security issue (vulnerability) passively detected by Wallarm.... - [Grouping & Sampling](https://docs.wallarm.com/user-guides/events/grouping-sampling/): When analyzing attacks, it is important to understand how malicious requests are presented. Wallarm uses hit... - [Security Issues](https://docs.wallarm.com/user-guides/vulnerabilities/): Security issues (vulnerabilities) are security flaws in an infrastructure that may be exploited by attackers to... #### Triggers & Alerts - [Trigger Configuration](https://docs.wallarm.com/user-guides/triggers/triggers/): Triggers are tools used to set up Wallarm response to different events. Triggers combine a significant number of... #### Search & Reports - [Search & Filters](https://docs.wallarm.com/user-guides/search-and-filters/use-search/): Wallarm provides convenient methods for searching detected events (attacks and incidents). In the Attacks and... - [Custom Reports](https://docs.wallarm.com/user-guides/search-and-filters/custom-report/): You can filter events and then export the results into a PDF or CSV report. Wallarm will email the created report to... #### Account Settings - [Account](https://docs.wallarm.com/user-guides/settings/account/): To see your profile data and settings, proceed to Settings → Profile tab. - [Applications](https://docs.wallarm.com/user-guides/settings/applications/): If your company has several applications, you may find it convenient not only to view the statistics of the entire... - [Audit Log](https://docs.wallarm.com/user-guides/settings/audit-log/): On the Settings → Activity log tab of Wallarm Console, you can check the history of user actions in the Wallarm... #### Users & Access - [User Management](https://docs.wallarm.com/user-guides/settings/users/): Invite your team members to your Wallarm account and assign each one a specific role to safeguard sensitive... - [API Tokens](https://docs.wallarm.com/user-guides/settings/api-tokens/): In Wallarm Console → Settings → API tokens, you can manage tokens for API request authentication and for filtering... - **SSO Configuration** - [SSO Overview](https://docs.wallarm.com/admin-en/configuration-guides/sso/intro/): You can use single sign‑on (SSO) technology to authenticate your company's users to the Wallarm Console. Wallarm... - [SSO Setup](https://docs.wallarm.com/admin-en/configuration-guides/sso/setup/): This article describes the generic flow of enabling and configuring Wallarm's SAML SSO Authentication. - [Google Workspace](https://docs.wallarm.com/admin-en/configuration-guides/sso/sso-gsuite/): This guide covers the process of connecting the G Suite (Google) service as an identity provider to Wallarm, which... - [Okta](https://docs.wallarm.com/admin-en/configuration-guides/sso/sso-okta/): This guide covers the process of connecting the [Okta][link-okta] service as an identity provider to Wallarm, which... - [Troubleshooting](https://docs.wallarm.com/admin-en/configuration-guides/sso/troubleshooting/): This article describes how to troubleshoot Wallarm's SAML SSO Authentication. - [LDAP Integration](https://docs.wallarm.com/admin-en/configuration-guides/ldap/ldap/): You can use LDAP technology to authenticate your company's users to the Wallarm Console if your company already uses... #### Plans & Pricing - [Subscription Plans](https://docs.wallarm.com/about-wallarm/subscription-plans/): Wallarm is the only solution that unifies API discovery, risk management, real-time protection, and testing... ### Reference - [Overview](https://docs.wallarm.com/reference/overview/): This section provides reference materials, technical specifications, and resources for the Wallarm platform. #### API Reference - [Overview](https://docs.wallarm.com/api/overview/): Wallarm API provides interaction between components of the Wallarm system. You can use Wallarm API methods to... - [Request Examples](https://docs.wallarm.com/api/request-examples/): The following are some examples of Wallarm API use. You can also generate code examples via the API Reference UI for... - [Attack Types](https://docs.wallarm.com/attacks-vulns-list/): This article lists and describes attacks and vulnerabilities that Wallarm can detect including those presented in... - [Glossary](https://docs.wallarm.com/glossary-en/): The glossary covers the core Wallarm entities to provide you with a better understanding of the platform. - [Data Retention Policy](https://docs.wallarm.com/about-wallarm/data-retention-policy/): This policy outlines retention periods for different datasets collected by Wallarm and stored in the Wallarm Cloud. - [Shared Responsibility Model](https://docs.wallarm.com/about-wallarm/shared-responsibility/): Wallarm relies on a shared responsibility security model. In this model, all parties (Wallarm and its clients) have... - [Comparing Wallarm to Other Solutions](https://docs.wallarm.com/reference/comparing-wallarm-to-other-solutions/): When comparing Wallarm to other security or WAF solutions, it's essential to gather and present meaningful data.... - [SLA](https://docs.wallarm.com/sla/): This article describes such aspects of Wallarm's service level as service availability time percentage, possible...