Virtualization Technology News and Information
Wallarm Empowers Developers with Automated Security Testing
Wallarm, the company that delivers AI-powered application protection, today announced the general availability of the Wallarm Framework for Automatic Security Testing (FAST).The new product gives security researchers, developers and quality assurance practitioners an easy way to automatically create security tests from functional tests and production traffic - with a 1000x multiplier in the number of generated tests.

"Security wants continuous ‘in depth' security testing," said Richard Seiersen, CISO for Landing Club. "Developers want to go fast. Wallarm's FAST is designed to resolve this. First, it painlessly instruments the CI/CD pipeline. Then, its predictive engines learn, suggest and run bespoke tests...thousands of them."

How It Works
The product deploys in minutes on the developer machine or a team server from the image in Docker registry, and is as easy to use as configuring a proxy on a browser during black-box testing.

The key features of the product include:

  • Automatic security test generation with a 1000x multiplier
  • Grey box testing while preserving the session context
  • Running tests automatically
  • Fine-grain policy for test generation
  • Smart fuzzing technology creating unique payloads
  • "Hacker intelligence" and library payloads to test for known vulnerabilities
  • Ability to find anomalies in application responses
  • APIs for integration with Continuous Integration/Continuous Development (CI/CD) toolchain


"Wallarm FAST has many cool features to help DevOps teams strike the delicate balance between the security of the application and the very short release cycles," said Chris Rodriguez, senior analyst for Frost & Sullivan.

"We have received a lot of requests from our customers who wanted to extend their application testing with security; but couldn't do it because of limited security resources,"said Ivan Novikov, CEO of Wallarm. "Wallarm FAST takes existing manual or automated tests, like Selenium, and uses those as a basis for generating all the possible security tests out there. Security teams can then create a policy to chip off everything that doesn't belong. The resulting set of tests runs automatically, making a great addition to the release acceptance criteria."
Published Thursday, April 26, 2018 7:58 AM by David Marshall
Filed under: ,
Wallarm Empowers Developers with Automated Security Testing - EMC VMAX - (Author's Link) - April 26, 2018 8:08 AM
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2018>