Ever push a bad WAF rule? It’s the worst. For most WAF users, the number one fear isn’t that the WAF is going to get bypassed. It’s that a bad WAF rule will cause an outage. Impart Security is excited to release the WAF Rule Canary Tests to solve this problem. Designed for cloud security engineers focused on balancing security with system performance, WAF Rule Canary tests let security teams make certain any new WAF rule change isn’t impacting system availability or performance by running proactive health checks against your complete WAF ruleset BEFORE pushing to production. With WAF Rule Canary tests, Impart spins up a virtual Agent within the Impart cloud, pre-loaded with your complete WAF ruleset. Customers can then run predefined canary tests (defined as endpoints that should always be available and never be blocked, for example) against them using simulated HTTP traffic. If a canary test fails, then any new WAF rule changes will not be saved to production inspectors, proactively avoiding any potentially bad WAF rule. In conjunction with simulated blocking mode, WAF Rule Canary tests ensure that security teams won’t create WAF rules that take down production sites. Learn more at try.imp.art, and follow us on LinkedIn for our latest product news
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/12/stop-pushing-bad-waf-rules-impart-security/