Kubernetes WAF Version 1.8.0
This version includes the following new capabilities:
API Security
Following the release of the API security module, in this version we added support for body enforcement.
Previously, we only supported schema enforcement for path parameters, query parameters and headers where the parameter types can be string, integer, Boolean, and/or number.
The supported content types are application/json, application/xml, application/x-www-form-urlencoded, and multipart/form-data.
Valid API requests to the allowed endpoints that successfully pass the parameter validation checks are also scanned by security protections for embedded attacks.
Signature File Distribution
Starting with version 1.8.0, we added a new container in the KWAF deployment to support updates of the GEO-IP list and of the signatures for well-known attacks, such as injections, XSS, and others.
Signature updates are contained in an image called waas-enrich and can be deployed per Enforcer deployment. This provides an easy way to choose where the new signatures are applied (to all the KWAF Enforcers of a protected application or only to a part of them) in order to evaluate the impact of the signature and GEO-IP updates in a fully controlled environment.
Expression Forensics Log Details
In the Forensics Security view, we added more details related to the Expression that has been detected (signature name and details).
This information can also be manipulated from an external dashboard such as Kibana or any SIEM.
Base64 Heuristic Detection GUI Support
The heuristic detection of Base64 payloads, which increases attack detection accuracy, is now also accessible from the GUI screen.