Web Monitoring Web Application, Microservice, and API Security Platform

The main articles are:

• DLP - Data Loss/Leak Prevention
• Firewall

The main focus of the Webmonitorex platform (formerly Valarm) is automation and testing of web applications and APIs based on machine learning. The platform is aimed at detecting vulnerabilities in web services.

2024

Inclusion in the Register of Russian Software

The product "ProAPI Protection" from Webmonitorex is registered in the Register of the Russian POMincifra of Russia (registry entry No. 23742). The developer announced this on September 17, 2024.

source = Webmonitorex

According to research by Webmonitorex, the REST protocol occupies 64% of traffic, the remaining 36% are GraphQL (0.5%), Web-form (16.5%), SOAP/XML (1%), GRPC (12.4%), Websocket (5.6%). This data indicates the increasing risk of penetration into IT systems and services through APIs and the need to protect them.

ProAPI Protection provides enhanced API protection by building on a positive security model and setting traffic requirements using the API specification. Together with the ProAPI Structure component, built on the basis of behavioral artificial intelligence, an automatic tuning technology for changing API parameters becomes available, taking into account the features of each specific API and the context of its work.

For us, not only the development of a technologically innovative and high-quality product is important, but also the confirmed benefits of its inclusion in the security processes of web applications and APIs. Entering into the Register often allows you to get practical benefits not only from the functional part, but also when ensuring compliance with certain regulatory norms and initiatives, - explained Lev Paley, Director of Information Security at Webmonitorex.

Introduction of Tokeon digital assets into the platform

The Toceon digital asset platform has security products from Servicepipe and Webmonitorex from DDoS attacks and targeted web threats. Webmonitorex announced this on July 30, 2024. Synergies between Web DDoS Protection and WAF provide protection against most known web threats. Read more here.

Webmonitorex Launches API Protection Product to the Mass Market That Only Select Customers Previously Used

Web protection developer Webmonitorex held an open demonstration at the end of March of the capabilities of its products that provide API protection in distributed applications of the microservice architecture. Their goal is to control API requests to the server infrastructure (backend) to identify and prevent attacks on integration interfaces. In addition, the products have a component to protect sensitive data from leaks. The company has developed 4 different delivery solutions in the form of containers that can be built into the customer's CI/CD pipeline and allow filtering dangerous API requests and server responses.

Now quite a lot of cloud information systems interact with the outside world through APIs. These are web applications of microservice architecture, and third-party AI services, and mobile/desktop applications, and many Internet services created as part of digital transformation. At the same time, errors also appear in the API, which attackers can use both to penetrate information systems and to organize a leak through the integration of secret data. At the same time, firewalls and WAFs cannot protect against such attacks, since they "do not understand" the context of interaction within the API.

Now cloud technologies and microservices in Russia are developing rapidly. Therefore, there is an increasing need to protect APIs from malicious use. Unfortunately, without a special API layer screen (API Firewall). Such products could detect abnormal activity in using integration tools, protect cloud applications from exploiting known platform vulnerabilities, and also record attempts to infer sensitive data beyond the controlled perimeter. Foreign products and open-source developments are already emerging, however

The product offered by Webmonitorex consists of two parts - a filtering unit and a control console. It currently supports Rest API, SOAP, GRPC, Websocket, and GraphQL. The API query filter comes in four different versions. So if you just need to visualize, structure and block dangerous requests to the API, then the API Structure package is enough for this. If, in addition to this, you also need to protect against leaks of classified data, then the client can install an extended version of the previous package called "API Leaks."

In addition, secret blocking is also included in the API Protection package, which will check all requests received through various APIs to the application server for their validity and skip only those described by the developers in the OAS description. This filter also blocks all attacks described in the OWASP API Security Top 10. To search for vulnerabilities in the API, you can use the "DAST API" package, which is more in demand by application developers to work as part of the DevSecOps loop. It is still not recommended to put an API unverified for vulnerabilities into commercial operation.

Moreover, the developed API protection tools are already used by one and a half dozen companies, and a dozen more projects are in the process of pilot implementation. Representatives of two clients - the HeadHunter portal and the SberAvto project - spoke about their experience using the Websonitorex API screen during a demonstration of its capabilities. Moreover, some companies have been working with the product since 2019. Now the company expects to significantly increase the number of its customers, and bring them to hundreds by the end of the year.

Angie Pro Compatibility

Webmonitorex has ensured the compatibility of its platform with the Russian web server Angie PRO. This provides even greater reliability and security for protecting businesses from cyber threats. Webmonitorex announced this on February 27, 2024.

Customers can use a full-fledged solution consisting of a complex of domestic products - a platform for protecting web applications and a balancer.

The Webmonitorex platform is a solution for protecting web resources and APIs from attacks, which analyzes web traffic, forms an individual profile of protected resources and instantly blocks any malicious requests. The platform natively supports HTTP/2.0, WebSockets, REST API, JSON, XML, SOAP, gRPC, integration with SIEM systems, attack source determination (Geo, Tor, Datacenter, proxy), centralized security management, flexible event notification system and parsing complex nested protocols.

The Russian web server Angie PRO has passed compatibility certification with domestic operating systems. Angie is fully compatible with Nginx, which allows users to switch to a domestic solution without serious costs and downtime of services.

Webmonitorex continues to develop its technologies and integrate with new platforms to ensure a comfortable implementation into the infrastructure of its customers.

According to both companies, such a technological partnership ensures the proper degree of reliability and full import dependence (in conjunction with the domestic operating system).

2023

Red OS Compatibility

The Russian IT-Companies LLC Webmonitorex"" and LLC RED SOFT"" tested software products for the correctness of collaboration. As a result of the test platform for protecting web applications, microservices and APIs "Webmonitorex" entered the ecosystem of the operating system RED OS. Webmonitorex announced this on September 27, 2023.

Attention to information protection issues in various organizations is increasing, including due to the growing number of security incidents. RED SOFTWARE monitors trends in the field of cybersecurity, our task is to provide RED OS users with Russian solutions to prevent threats and attacks from ill-wishers. Another product in the RED OS ecosystem, the Webmonitorex platform, will help protect businesses from cyber attacks, hacks and data leaks through the company's web applications, "said Rustam Rustamov, Deputy General Director of RED SOFT.

Angie Pro Server Compatibility

Webmonitorex has ensured the compatibility of its platform with the Russian web server Angie PRO. This provides even greater reliability and security for protecting businesses from cyber threats. This was announced on September 5, 2023 by the Web Server.

Customers can use a full-fledged solution consisting of a complex of domestic products - a platform for protecting web applications and a balancer.

Webmonitorex continues to develop its technologies and integrate with new platforms to ensure the most comfortable implementation in the infrastructure of its customers.

According to both companies, such a technological partnership ensures the proper degree of reliability and full import dependence (in conjunction with the domestic operating system).

2022: Change of Platform Owner and Name

At the end of October 2022, the developer of the Valarm platform Onsek, a multidisciplinary company engaged in software development and consulting services in the field of information security of web applications, transferred the exclusive right to the Valarm platform to Webmonitorex LLC. As a result, the name of the platform was changed to Webmonitorex. Representatives of the Webmonitorex company shared information about this with TAdviser.

Under the Wallarm brand, the product continues to develop by the American company Wallarm Inc.

2020

Availability of "Valarm WAF" in Yandex.Cloud

On July 20, 2020, it became known that Yandex.Cloud and Valarm, an adaptive protection platform for APIs and web applications, agreed to cooperate. Now Yandex.Cloud users will have convenient access to the Valarm WAF solution to protect web applications and APIs from the most common cyber attacks, and the installation time will be reduced to several minutes.

WAF Alert helps fight vulnerability scanning and hacker attacks that can compromise data: SQL injections, XSS, XXE, RCE and other OWASP Top-10 threats. Also, the developers will receive protection against brute force, theft of accounts and attacks on the logic of the application.

To use Valarm WAF, customers do not need to make changes to the source code and architecture of the protected application. You can access the solution directly from the Yandex.Cloud marketplace. At the time of launch, the tool is available to Cloud users using the BYOL (Bring Your Own License) model: you need to subscribe to the service directly from Valarm. In the future, you can purchase a license in the Cloud marketplace.

The main users of the solution in Yandex.Cloud will be DevOps companies that create complex and high-load applications. For example, companies in the fields of e-commerce, digital retail, online payments and electronic media.

According to Valarm, during the pandemic (in February - May 2020), the number of attacks on web applications, that is, sites, portals and applications for a smartphone and computer in which information is exchanged on the Internet, increased 2.2 times compared to the same period last year.

Availability in the Web Application Firewall service from Croc Cloud Services

On March 24, 2020, it became known that CROC Cloud Services, together with Valarm, an integrated platform for protecting and testing web applications, microservices and API, developed by Onsek, launched a cloud service for protecting web applications. The Wallarm platform is available in the launched Web Application Firewall service. Read more here.

2019

Availability of Valarm WAF module within Technoserv Cloud

On November 21, 2019, Technoserv announced that it had entered into a partnership agreement with Onsek. Clients of the provider will have access to a firewall to protect web applications (WAF). This service is based on the Technoserv Cloud infrastructure and the Valarm platform.

According to the company, thanks to a partnership between Onsek and Technoserv Cloud, clients of the latter gain access to the fault-tolerant installation Valarm WAF, one of the modules of the Valarm platform, designed to protect web applications and APIs from various threats, including OWASP Top-10 and zero-day vulnerabilities. The solution analyzes traffic passing through its filtering nodes, and when threats are detected, instantly blocks them with a minimum number of false positives.

The advantages of this Technoserv Cloud service are that in order to use WAF, customers do not need to make changes to the source code and architecture of the protected application. In addition, the provider does not request access to the project servers, which ensures a high level of isolation of the perimeter of the protected customer, and also simplifies the WAF integration process, while the division of responsibilities remains simple and understandable.

Since the deployment of Valarm WAF takes place cloud in Technoserv Cloud, connecting to it does not require companies to spend additional computing power. Also, the capabilities of the provider's infrastructure allow integrating the Valarm development with protection against - DDoS-attacks cleared traffic will be transmitted via isolated channels.

WAF is one of the main links of comprehensive project protection, which easily integrates with client information systems and our other services, for example, protection against DDoS attacks or the next generation firewall. told Mikhail Blinov, head of Technoserv Cloud

Availability in the cloud service OnCloud.ru

Onlanta"" (part of the group of companies) LANIT on September 19, 2019 announced the conclusion of a partnership agreement with the company - "Onsek" the developer of a comprehensive platform for the protection and testing of web applications API and Valarm cloud service OnCloud.ru. One of the solution modules, Shaft WAF, will be available in. Onlanta clients will be able to use it to protect web applications API and clients from various threats, including OWASP Top-10 and 0-day vulnerabilities. More. here

Angara Cyber Resilience Center Web Application Protection Services

On August 1, 2019, Angara Professional Assistance announced the launch of web application protection services based on the ACRC Cyber ​ ​ Resistance Center.

Angara Professional Assistance now has access to web application traffic filtering (WAF), which includes vulnerability scanning and virtual patching services, thanks to a partnership agreement with Onsek, the developer of the Valarm adaptive protection and testing platform. Read more here.

Features of "Valarm"

According to July 2019, the Valarm platform, the flagship product of Onsek, allows organizations with frequent code updates, high loads on web applications and complex IT infrastructure to ensure the stability of web systems at all stages of work from development to operation. The solution is embedded in modern cloud infrastructures and the DevOps stack, uses machine learning, as well as AI.

The main features of using the platform:

• Integration with existing infrastructure and processes in CI/CD.
• Accuracy of attack recognition and minimization of false positives.
• Real-time analysis and instant blocking of malicious requests.
• Centralized security management for distributed systems.
• Protect web applications and APIs from OWASP Top-10 threats and 0-day vulnerabilities.

The listed features are important for companies that operate in the market of e-commerce, online payments, electronic media and personal communications.

In addition, the Valarm platform is able not only to allocate malicious traffic, but also to determine which attacks were aimed at critical vulnerabilities. The solution works with a load of over 100,000 RPS, any application stacks and is constantly updated with the web application, promptly notifying the customer through tools convenient for him.

2017: Platform Description

According to information as of July 2019, the Valarm platform combines the functions of protecting web applications from hacker attacks and searching for vulnerabilities. The solution is widely demanded by companies that have loaded web applications and work in the markets e-commerce and/or online payments electronic SaaSPaaS Big Data media and personal communications. To promote the market, the company actively attracts new partners: providers, cloud services PaaSIaaS suppliers/solutions, monitoring systems ,/IDS, in IPS order to increase its share in the growing security market, Internet which is estimated IDC to exceed $4 billion.

The hybrid product architecture is suitable for modern technology stacks using cloud providers, microservices, and CI/CD processes. Unlike traditional solutions with static signatures, Valarm generates adaptive application security rules based on machine learning. And an active vulnerability scanner allows you to clearly identify dangerous incidents from a large amount of noise.

The Valarm platform allows not only to effectively block attacks, but also to detect vulnerabilities, as well as problems of the web application that attackers use to "hack" the site. The developers abandoned the traditional signature approach and use machine learning and statistical algorithms to detect malicious activity, which even detect zero-day attacks.

Valarm's solution is focused on technology companies with frequent code updates (and increased risk of errors), high workloads and complex infrastructure. Machine learning allows traffic to determine the logic of the protected web application and generates appropriate security rules for traffic analysis. Unlike other solutions on the market, Valarm is able not only to allocate malicious traffic, which any project has a lot of, but also to determine which of the millions of attacks were really dangerous and aimed at critical vulnerabilities, helping to fix them.

2016: Raising 2.3 million investments after passing Y Combinator

The Valarm platform for protecting web applications from hacker attacks attracted 2.3 million dollars USA from venture capital funds and, Partech Ventures Gagarin Capital as well as partners of the American business incubator at the end of 2016. Y Combinator Earlier in the summer of 2016, the team underwent a three-month Y Combinator acceleration program in Silicon Valley, and in the past, Valarm has already invested in a venture capital fund. Runa Capital More. here

2013: Creating a Platform

The Valarm platform was created in 2013.