WAF and Appsec Insights

We’ve been busy building new ways to make the Inspector more powerful, flexible, and easy to use. In this update, you’ll find improvements to the Inspector itself, plus two brand-new apps that put more security controls at your fingertips. From streamlined updates in Inspector v0.40.0, to easier access to release notes in our docs site, to new apps for blocking attacks and protecting sensitive data—you now have more tools than ever to strengthen your security posture.

We've crossed a threshold that fundamentally changes cybersecurity forever. Not with fanfare or headlines, but quietly, in the background of our AI-powered world. The expertise barrier that once separated script kiddies from sophisticated threat actors has simply... vanished.

A security research demonstration showing how the same AI-assisted methodology that compromised OWASP Juice Shop in 23 minutes can be directly applied to recreate sophisticated breaches like the Salesforce-Drift OAuth incident.

This month, we’re delivering a mix of AI-powered enhancements, deeper visibility, and workflow refinements to help you move faster with more confidence. From LLM-assisted rule script optimization that streamlines code and boosts performance, to expanded event change logs that make auditing crystal clear, to rule and tag improvements that smooth out the everyday editing experience—these updates are all about giving you smarter tools and sharper insights.

Impart Product Update: Smarter, Faster, and More Transparent Security — Inspector v0.38.0 delivers major performance improvements, smarter learning behavior, and deeper visibility. We’ve optimized CPU usage, added safeguards against memory pressure, and introduced better learning for user-specific paths. New metrics and status code logging give teams clearer insights into production activity. We’ve also rolled out quality-of-life upgrades across the platform: batch rule actions make it easier to manage security rules at scale, new bot protection tags offer more transparency into automated traffic decisions, organized rule categories help you find what you need faster, a redesigned labels page streamlines entity management, and simplified profile navigation makes key settings easier to find and manage. These updates reduce noise, save time, and give security teams better tools to protect what matters most.

We’ve made it easier to build and manage rules with new features designed for clarity and control. You can now group conditions for more powerful logic, reorder them with ease, add multi-line descriptions for better documentation, and use numeric operators in CTX-based rules to support advanced comparisons.

The recent disclosure of EchoLeak by Aim Labs marks a significant milestone in AI security research. As the first documented zero-click exploit targeting a production AI system, it offers valuable insights into the emerging threat landscape that security professionals need to understand and prepare for.

Today, we're announcing our $12 million Series A led by Madrona. This funding represents more than capital—it validates our solution to what I call the 'last mile problem' in application security.

Instead of spending time writing and testing custom logic, detection and response teams can now tap into a curated set of rules tailored for modern cloud applications. These aren't your standard WAF rules — they're full-featured, deeply customizable, and built to align with your business logic. Even better, the rule library has rules of different types - including rule recipes (rule builder based) or rule scripts (code based)!

Relying on IP addresses alone isn't enough to reliably track or distinguish clients—especially in modern, complex environments. That’s why we’ve introduced Custom Client Identifiers, giving your team the flexibility to define what a “client” really means based on your specific use case.Whether it’s IP + User-Agent, IP + API Key, or Token + Product Identifier, you can now tailor client identification to suit your architecture and security goals.