WAF for Kubernetes
Wallarm Cloud Native WAF automates application protection. Installed directly on an NGINX Ingress controller. In Kubernetes clusters Wallarm protects containerized applications, microservices, and APIs in private and public clouds.
Easy deployment in Kubernetes
  • Deploys as instrumented Kubernetes communities Ingress Controller or NGINX Plus Ingress Controller
  • Installs as a sidecar Docker container within Kubernetes pods
  • Supports Google GKE, Amazon EKS or Kubernetes in private cloud
  • Deploy and manage with Spinnaker. Monitor with Prometheus
  • Licensing model which allows dynamic deployment of nodes and Kubernetes clusters
Protect Cloud Native Apps
  • Secures a variety of API protocols including JSON, XML, SOAP, and others
  • XSS, XXE, SQL Injections, RCE and other OWASP Top 10 threats protection
  • Brute-force attacks, dirbusting, and account takeover (ATO)
  • Application abuse and logic bombs
  • Bots
No Manual Rule Configuration
  • Eliminate false positives without tuning
  • 90% of customers use Wallarm Kubernetes WAF in blocking mode
  • Signature-free rules are created automatically and customized for every application
Wallarm WAF for Kubernetes
Integrates with Kubernetes infrastructure

Stronger Native Security for Kubernetes

Provide and support stronger native security for Kubernetes infrastructure with Wallarm. Wallarm’s node for Kubernetes natively deploys with an Ingress controller to provide API security and L7 protections for distributed applications. The management of the Wallarm image is performed with a standard Helm Package Manager or by using kubectl. To install the Wallarm-instrumented controller, you can add it from an existing HELM repository. Full deployment instructions are available at the documentation portal.

Monitoring with Prometheus

Wallarm natively integrates with Prometheus for streamlined monitoring of the APIs and their security. The service is monitored by collectd; information on the number of requests, number of attacks, number of blocked attacks and a variety of error conditions can be exported in JSON format or directly into Prometheus.

Security in CNCF Community

With protected microservices, attack mitigation, and DevOps-friendly post analytics, Wallarm brings true security and ease-of-use to the centerpiece projects of LF and CNCF communities.

API and Integrations

Full open API:

Operational controlsData retrieval

Out-of-the-box integrations:




Certified environments

Public clouds:


Private / Hybrid clouds:

Docker / Kubernetes
The environment is very dynamic, and there are a lot of applications and APIs to protect, so we needed a solution that is automated, self-tuning, and centrally managed.
We tried to use mod_security, but there was a lot of pain with the complicated rules / signatures and non-stop false positives.
Wallarm was able to profile the normal operation the web infrastructure and identify the application-layer (L7) DDoS attack.
Schedule a live product demo
Kubernetes FAQ
What is Kubernetes?
Kubernetes is an open-source project developed by Google in 2014 that provides multiple services associated with containerized processes. These processes involve managing containers and their workloads associated with services, configuration, and automation of the various containerization functions.
What is Kubernetes used for?
Kubernetes primary function is to manage containers. The management of these containers INVOLVES being able to provide automated services in a distributed fashion. Additionally, Kubernetes supplies a framework that permits for distributed systems on large scale platforms. A few of the capabilities provided by Kubernetes container optimization involve failover facilitation, deployment pattern options, and declarative configuration and automation of these processes.
What is a Kubernetes cluster?
A Kubernetes cluster consists of a set of machines referred to as nodes. These nodes consist of containerized applications in which Kubernetes can manage and provide various automated services.The standard configuration of a cluster normally will contain a minimum of one worker node and at least one masternode. The worker nodes are managed by the master node which also provides the cluster with disaster recovery and high availability failover functionality.
What is a Kubernetes pod?
A Kubernetes pod is the simplest representation of a single unit of deployment. A single unit of deployment is a single instance of a particular application within Kubernetes that may consist of one container or a small number of containers that will share resources. A pod will occupy an applications container, a specific IP address, storage resources, and a determined framework for how the containers will operate amongst each other.
What is Helm Kubernetes?
The Kubernetes helm is the primary tool used to manage and streamline the process for installing Kubernetes applications. Ir consists of two components, “Helm” which is the client, and “Tiller” which is the server. Tiller will operate inside of the Kubernetes cluster and will manage the installations of your charts. Moreover, helm can operate in any environment, whether it's on your laptop or within your CICD pipeline.
What is Google Kubernetes Engine(GKE)?
GCP (Google Cloud Platform) supports a Kubernetes engine also referred to as GKE (Google Kubernetes Engine). Originally developed in 2015, GKE permits for automated operations, ease of scalability, and reduction in time and overhead for complete optimization and functionality of container services. Moreover, through the use of GKE it is possible to update, manage, deploy, and automate processes for the management of applications and services.
Available Resources
Address:94107San FranciscoBrannan St, 415
(415) 940-7077,request@wallarm.com