Migrating from Wallarm to middleBrick

Try middleBrick free

What middleBrick covers

  • Black-box scanning with no agents or code access
  • Under one minute scan time for any language or framework
  • Read-only methods including GET, HEAD, and text-only POST
  • Detection aligned to OWASP API Top 10, PCI-DSS 4.0, SOC 2
  • Authenticated scans with header allowlist and domain verification
  • LLM adversarial probes across Quick, Standard, and Deep tiers

Exporting data from Wallarm

Begin by extracting what you already own from Wallarm. Use the Wallarm API or UI to pull findings, node inventory, and historical scan records into a structured format such as JSON or CSV. Capture metadata like timestamps, severity labels, and node identifiers so you can map items later. Keep the raw export as a reference for cross-checking once the migration is underway.

Rebuilding scan history in middleBrick

middleBrick does not ingest prior Wallarm data, so you rebuild context by re-scanning your APIs with the CLI or dashboard. Run scans on the same URL set and schedule them at similar intervals to preserve temporal patterns. Use the CLI in JSON mode to automate ingestion into your own store if you need trend lines. Note that middleBrick findings will not retroactively fill past Wallarm records; treat the new dataset as a fresh baseline starting from the first middleBrick scan date.

Keeping CI wired up during cutover

Shift your CI gates from Wallarm to middleBrick without breaking pipelines. In your GitHub Action, replace Wallarm references with the middlebrick CLI or the new GitHub Action and set the score threshold to your risk tolerance. If your pipeline currently fails on specific issue types, replicate that logic by using the JSON output to filter relevant findings. During the transition window, run both tools in parallel and compare results to reduce false negatives in enforcement.

- name: middleBrick CI gate
  run: |
    middlebrick scan https://api.example.com/openapi.json --json result.json
    jq 'select(.score > "C")' result.json | grep -q . && exit 1 || exit 0

What you will miss from Wallarm

middleBrick does not offer runtime protection, virtual patching, or a WAF layer; it only reports. If you relied on Wallarm to block requests in-line, you will need a separate control plane for enforcement. You will also lose managed rulesets that auto-apply patches for known API frameworks, and you will not receive the same form of behavioral anomaly detection tied to live traffic. These gaps are inherent to a black-box scanner and are not framed as compliance failures.

What you will gain with middleBrick

You gain a framework-agnostic black-box scanner that does not require agents or code changes. Scans complete in under a minute and cover the OWASP API Top 10 (2023) with explicit mappings to PCI-DSS 4.0 and SOC 2 Type II controls. The product supports authenticated scans with Bearer, API key, Basic auth, and cookies, and it validates security headers, sensitive data exposure, and LLM-specific adversarial probes. Continuous monitoring, HMAC-SHA256 signed webhooks, and a dashboard for trend tracking provide ongoing visibility without tying you to a specific runtime environment.

See how middleBrick compares See all use cases

Frequently Asked Questions

Can I import Wallarm findings into middleBrick?
No, middleBrick does not provide an import tool for Wallarm data. You re-scan your APIs and compare new results against your stored exports to manually correlate patterns.
Will my scan history be preserved if I cancel?
Scan data is deletable on demand and purged within 30 days of cancellation. Historical scans are retained while your subscription is active and are not used for model training.
Does middleBrick replace a WAF or runtime blocker?
No. middleBrick detects and reports issues; it does not block, patch, or remediate traffic. You will need a separate enforcement layer to block malicious requests.
How are PCI-DSS and SOC 2 covered?
Findings map to PCI-DSS 4.0 and SOC 2 Type II controls where relevant. The tool surfaces evidence for these frameworks but does not certify compliance.
Can authenticated scans validate role-based access issues?
Yes, authenticated scans with Bearer, API key, Basic auth, or cookies can help detect BOLA, BFLA, and privilege escalation issues when credentials are provided and domain verification passes.

Related Pages

Alternatives to TenableViable alternatives to Tenable for API security — including middleBrick.Alternatives to PyntViable alternatives to Pynt for API security — including middleBrick.Alternatives to WallarmViable alternatives to Wallarm for API security — including middleBrick.