Test Low and Slow Attack Detections in Seconds with Testing Time Control | Impart Security
With Testing Time Control, Impart Security has built an industry first way to test rate limiting rules. Testing time control is an innovation from Impart that can dynamically adjust system clocks in order to simulate test requests coming from different times. This helps security teams drastically reduce the time spent ... Read More
Blocking in Production Requires a Modern Security DevEx | Impart Security
Blocking in Production Requires a Modern Security DevExI've spoken to many security leaders who are genuinely scared of blocking in production. And I totally get it - blocking is scary. Some folks have real PTSD from past mistakes.One security leader I talked to is still explaining an outage from a ... Read More
Understand Blocked Requests Faster with Rule Tracing | Impart Security
Introducing Rule TracingWe're excited to announce the release of Rule Tracing, a powerful new feature in Impart Security that provides clear visibility into which specific security rule triggered a blocking decision. This feature enables security engineers to design, test, and fine-tune a comprehensive security policy more efficiently than ever.Security rules ... Read More
Shifting Application Security into the Runtime | Impart Security
Let’s go through a quick history lesson on AppSec. In the early 2000s, injection vulnerabilities were everywhere. Entire careers and companies were made to combat XSS and SQL injection.The approach to stop this at the time was to try to find as many of these vulnerabilities as possible before the ... Read More
Develop Firewall Rules Safely with Regression Testing | Impart Security
Develop Firewall Rules Safely with Regression TestingWe are thrilled to announce the launch of our latest innovation: Firewall Regression Testing. This powerful new feature empowers security teams to thoroughly test firewall rule changes before they impact production traffic, bringing modern development practices to firewall management.Why Firewall Regression Testing?Traditionally, firewalls have ... Read More
The Future of Appsec is APIs | Impart Security
API security, microservices, decentralized applications, WAF, authentication, authorization, AI, security testing, response and enforcement, WAFs, security visibility, API exploitation ... Read More
The Evolution of WAF and RASP | Impart Security
Rami McCarthy did a great post last month touching on some of the history of RASP. I thought the post was great and did a great job focusing on the competitive landscape, industry factors, and technical barriers to entry. In this post, I wanted to dig deeper into the future ... Read More
Why WAF Rate Limiting isn’t Enough | Impart Security
Some WAFs in the market offer rate limiting features designed to stop automated API attacks. They do this by implementing a centralized control plane with shared state and counters in the cloud to enable over time detections. However, these solutions still struggle with the unique challenges posed by API attacks, leaving ... Read More
Understanding the Dell Data Breach | Impart Security
Recently, Dell faced a significant data breach, where a threat actor exploited API vulnerabilities to steal 49 million customer records. This incident not only underscores the growing threat of API abuse but also highlights the necessity for robust security measures to protect sensitive data.In this blog post, we will delve ... Read More
Impart Security: Leading the Charge in API Security with SOC 2 Type 2 Certification | Impart Security
We're incredibly proud to share some exciting news at Impart Security: We've achieved SOC 2 Type 2 certification! This certification represents our unwavering dedication to providing exceptional security and operational excellence in API security ... Read More