Ever push a bad WAF rule? It's the worst.
For most WAF users, the number one fear isn't that the WAF is going to get bypassed. It's that a bad WAF rule will cause an outage.
Impart Security is excited to release the WAF Rule Canary Tests to solve this problem. Designed for cloud security engineers focused on balancing security with system performance, WAF Rule Canary tests let security teams make certain any new WAF rule change isn’t impacting system availability or performance by running proactive health checks against your complete WAF ruleset BEFORE pushing to production.
With WAF Rule Canary tests, Impart spins up a virtual Agent within the Impart cloud, pre-loaded with your complete WAF ruleset. Customers can then run predefined canary tests (defined as endpoints that should always be available and never be blocked, for example) against them using simulated HTTP traffic. If a canary test fails, then any new WAF rule changes will not be saved to production inspectors, proactively avoiding any potentially bad WAF rule.
In conjunction with simulated blocking mode, WAF Rule Canary tests ensure that security teams won’t create WAF rules that take down production sites.
Learn more at try.imp.art, and follow us on LinkedIn for our latest product news
The post Stop pushing bad WAF rules | Impart Security appeared first on Security Boulevard.
Authors/Presenters: Michael Gorelik, Arnold Osipov
Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103 appeared first on Security Boulevard.