Wallarm API Security Testing Description

Wallarm API Security Testing is a dynamic application security testing solution designed for integration into CI/CD pipelines. The tool automatically transforms existing functional tests into security tests by capturing API requests as baselines through a proxy container, then generates and executes security checks for each build.

The solution provides automated schema-based testing that covers OWASP API Top 10 vulnerabilities and business logic abuse scenarios. It includes a Threat Replay Testing feature that safely replays real-world attacks detected in production environments to validate security posture in testing environments.

The tool operates by deploying a proxy container that captures API requests during functional testing. These captured requests serve as baselines for generating security test cases. Users can configure testing policies to specify parameter types, payloads, and fuzzer settings, or use default OWASP Top 10 configurations.

Security issues and anomalies are reported directly to CI pipelines and ticketing systems. The solution integrates with common CI/CD platforms and testing frameworks through plugins and APIs. It supports both automated schema-based testing using OpenAPI specifications and threat replay testing based on actual attack patterns observed in production.