Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore.

The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native environments using API schema validation. By relying on a positive security model, our API Firewall only allows calls that match a predefined API specification while rejecting everything else.

At the event, our in-house expert Nikolay Tkachenko (Research Engineer @ Wallarm) showcased the latest developments and improvements made to the open-source project and what it means for the developer community looking to build more robust cybersecurity solutions.

Key Features of the API Firewall that were introduced

1. Secure REST and GraphQL API endpoints by blocking non-compliant requests/responses:

The API Firewall ensures the security of REST and GraphQL API endpoints by actively monitoring and blocking requests and responses that do not comply with predefined security standards. This includes preventing unauthorized access, malicious injections, and other security threats.

2. Stop API data breaches by blocking malformed API responses:

Malformed API responses can be a gateway for data breaches. The Firewall identifies and blocks any attempts to send or receive data in a format that deviates from the expected structure, preventing potential breaches and ensuring data integrity.

3. Discover Shadow API endpoints:

Shadow API endpoints, often unnoticed and unsecured, can pose significant security risks. The Firewall actively discovers these endpoints, enabling organizations to secure them and prevent potential vulnerabilities and unauthorized access.

4. Block attempts to use request/response parameters not specified in an OpenAPI specification:

By adhering strictly to the OpenAPI specification, the Firewall blocks any attempts to use request or response parameters that are not explicitly defined. This ensures that only permitted data and parameters are exchanged, minimizing the risk of injection attacks and unauthorized access.

5. Validate JWT access tokens:

JSON Web Tokens (JWTs) are commonly used for authentication and authorization in APIs. The Firewall validates JWT access tokens to ensure their authenticity and integrity, preventing unauthorized access and ensuring secure communication between clients and servers.

6. Validate other OAuth 2.0 tokens using introspection endpoints:

In addition to JWT tokens, the Firewall validates other OAuth 2.0 tokens using introspection endpoints. This process verifies the validity and permissions associated with OAuth tokens, enhancing overall security and access control.

7. Denylist compromised API tokens, keys, and Cookies:

Compromised API tokens, keys, and cookies pose significant security risks. The Firewall maintains a denylist of known compromised tokens, keys, and cookies, blocking any attempts to use them for access. This proactive approach helps mitigate the risks associated with compromised credentials and enhances overall security posture.

If you'd like to try the Wallarm API Firewall for yourself, check out our official GitHub account.