In the Discover phase, Wallarm scans the entire network perimeter to identify exposed assets.
In the Analyze phase, Wallarm inspects incoming HTTP requests and application responses. The platform continuously updates application-specific security rules to keep pace with CI/CD pipelines.
This helps SecOps and DevOps teams meet best practices and Protect applications without the need for labor-intensive manual security rule administration.
Deep Packet Inspection, coupled with advanced decoding parsers, enables Wallarm to support nested protocols and modern APIs, including JSON, AJAX, HTTP/2, WebSockets, Base64, ASP.NET VIEWSTATE, PHP serialization, and their encapsulated variants, such as XML inside JSON and other similar protocols.
The platform is agnostic of the application stack: Wallarm protects applications written in Ruby, Node.js, PHP, .NET or other languages.
The Verify phase groups similar malicious requests into attacks based on target and payload. The active scanner (DAST) then replays sanitized versions of these attacks against the application, which reduces team effort by alerting only on verified security vulnerabilities.