Kubernetes WAF Version 1.10.0

Release Notes > Product Modifications > Kubernetes WAF Version 1.10.0

This version includes the following modifications:

API Security

After importing the OpenAPI file, you can define if the endpoint paths are Relative or Absolute depending on the Classifier Path definition.

Configurable Header Inspection

You can activate the Header Inspection with the Expression engine (disabled by default).

If the Header Inspection is enabled then only the HTTP headers Host, User-Agent, Referer, and Authorization will be scanned for security inspection. To configure a specific list of HTTP Headers, you can enable Custom Headers. Only the configured headers in the list Header to Scan will be scanned for Security Inspection.

Graphical user interface, text, application, email Description automatically generated

Sampling Access-Log

The Access-Log can be configured to log only a sample of the incoming traffic.

The configuration can be global for all Enforcers, or per Enforcer.

By default, all traffic is recorded. You can choose to record a percentage of the incoming traffic.

Refer to the Kubernetes WAF User Guide for more details.

Forensics Security Events

In the Security Events, for the Expression engine and the Signature engine, we added in the security events a dedicated field that mentioned the signature file version used when the violation was detected.

A screenshot of a computer Description automatically generated