Reflecting on Wallarm’s Journey: Growth, Resilience, and What Comes Next
By Ivan Novikov and Stepan Ilyin When we started Wallarm, we focused on the APIs that power modern apps. We built an API-first platform, used AI from day one, and secured early patents in behavior-based detection and automated policy creation. The result: real-time, inline blocking with automatic API discovery that ... Read More
Black Hat 2025: Why We Built a Museum Instead of a Booth
Think you know what to expect from a conference booth? Think again. Forget the cliches: the swag destined for the back of your wardrobe, the formula one simulators, the marketing trickery. Instead, step into a new kind of conference experience, one that takes you on a journey through past, present, ... Read More
Five Uncomfortable Truths About LLMs in Production
Many tech professionals see integrating large language models (LLMs) as a simple process -just connect an API and let it run. At Wallarm, our experience has proved otherwise. Through rigorous testing and iteration, our engineering team uncovered several critical insights about deploying LLMs securely and effectively. This blog shares our ... Read More
Mapping the Future of AI Security
AI security is one of the most pressing challenges facing the world today. Artificial intelligence is extraordinarily powerful, and, especially considering the advent of Agentic AI, growing more so by the day. But it is for this reason that securing it is so important. AI handles massive amounts of data ... Read More
Wallarm Research Releases Nuclei Template to Counter Threats Targeting LLM Apps
Wallarm Research has just released a powerful new Nuclei template targeting a new kind of exposure: the Model Context Protocol (MCP). This isn’t about legacy devtools or generic JSON-RPC pinging. It’s about the protocol fueling next-gen LLM applications — and it’s already showing up exposed in the wild. What is ... Read More
API Armor: How Bybit’s Real-Time Blacklisting Is Thwarting a $1.5B Crypto Heist
APIs present a security risk—that much is a given. Attacks on APIs have caused some of the most significant security incidents of the past decades. But the question now is: How can we flip the script and leverage their power to enhance security? Bybit might just have the answer.  Bybit—one ... Read More
Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI
DeepSeek, a disruptive new AI model from China, has shaken the market, sparking both excitement and controversy. While it has gained attention for its capabilities, it also raises pressing security concerns. Allegations have surfaced about its training data, with claims that it may have leveraged models like OpenAI’s to cut ... Read More
Considerations for Selecting the Best API Authentication Option
Implementing API authentication is one of the most critical stages of API design and development. Properly implemented authentication protects data, user privacy, and other resources while streamlining compliance, preventing fraud, and establishing accountability. In fact, broken authentication is one of the leading causes of API-related breaches. Ultimately, by applying robust ... Read More
Best of 2024: TCP Resets from Client and Server aka TCP-RST-FROM-Client
Diving into the Enigma of TCP Resets Executed by Client and Server The Base Communication Protocol (BCP), understoond as the Transmission Control Protocol (TCP) equivalent, plays a key role in the protocol unit of the internet. Its primary task entails laying a groundwork for communication between two digital entities over ... Read More
AI-Powered APIs: Expanding Capabilities and Attack Surfaces
AI and APIs have a symbiotic relationship. APIs power AI by providing the necessary data and functionality, while AI enhances API security through advanced threat detection and automated responses. In 2023, 83% of Internet traffic traveled through APIs, but there was a 21% increase in API-related vulnerabilities in Q3 2024, ... Read More
