Kubernetes WAAP Version 1.12.0
This version includes the following new capabilities:
Policy Security Configuration Wizard
To facilitate and optimize the KWAAP configuration, a new user experience is provided to configure KWAAP.
It includes a wizard for the creation of a new Security Profile and a new design for each KWAAP Security protectors:
Multiple-Encoded Attacks
In order to bypass a WAAP, hackers may try to send multiple-times encoded attacks.
Support for multiple encoded attacks, for Base64 and URL-encoded encodings, is now supported.
Details of these multiple-encoded attacks are displayed in the Security Event list.
Role Base Access Control (RBAC)
Support of Role Base Access Control (RBAC) for the KWAAP management is introduced.
KWAAP running natively in Kubernetes also works natively with the Kubernetes RBAC definition.
This means that RBAC in KWAAP can be applied per:
Kubernetes cluster Namespace The KWAAP CRDs such as Host Mapping, Profiles, Source Group, Decoding Behavior, Pattern Groups, Custom Rules and API Sec.RBAC is also applied to Security Events, Access Logs and the Dashboard.
It offers a compatible combination of Kubernetes Service Accounts, people using KWAAP and relevant roles.