SlideShare a Scribd company logo

Protect against threats with bullet-proof integration | MuleSoft

Download as PPTX, PDF
MuleSoft
MuleSoft

To watch the webinar, please visit: http://www.mulesoft.com/webinars/protect-threats-bullet-proof-integration Enterprise integrations running across trust boundaries demand robust security solutions. Mule Enterprise Security enables end-to-end protection of your integration ecosystem. Join Reza Shafii, Director of Product Management at MuleSoft, to better understand how our enterprise-grade security solution can help you: Block unauthorized access to your systems Eliminate exposure of sensitive data and information Prevent attacks through proactive threat management Presenter: Reza Shafii, Director of Product Management, MuleSoft Inc.

Technology
1 of 13
Mule Enterprise Security Presenter: Reza Shafii, Director of Product Management MuleSoft, @mulesoft, @cloudhub
Agenda Introducing Mule Enterprise Security Drill-down into – Mule STS OAuth 2.0 Provider – Mule Credential Vault – Mule Security Filter Processors Brief Overview of other New Mule Enterprise Security Features Wrap-up and Q&A All contents Copyright © 2011, MuleSoft Inc. 3
Mule Enterprise Security - Benefits 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 - Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 4
Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 5
Mule STS OAuth 2.0 Provider - Why Protect your APIs Application End-Users with OAuth Applications (OAuth Clients) Enables credentials Mobile Apps Web Apps Mule Cloud Connector Apps to only be shared with a single, OAuth Protected central entity APIs Exposed by Mule Application (OAuth Service Provider) All contents Copyright © 2011, MuleSoft Inc. 6
Mule STS OAuth 2.0 Provider - What Mule can act as an OAuth 2.0 provider OAuth element protects flow Supports for all OAuth 2.0 grant types Supported end-points – HTTP/S, Jetty, Servlet, Web Services All contents Copyright © 2011, MuleSoft Inc. 7
Mule Credential Vault - Why Access external end-points without exposing their access credentials – Store credentials in encrypted format All contents Copyright © 2011, MuleSoft Inc. 8
Mule Credential Vault - What Encrypt content of Mule application property files Mule Studio provides property value encryption tool Values decrypted upon access from Mule Flows All contents Copyright © 2011, MuleSoft Inc. 9
Mule Security Filter Processors - Why Whitelist a specific set or range of IP addresses Enable expiry policy using message time-stamp All contents Copyright © 2011, MuleSoft Inc. 10
Mule Security Filter Processors - What Use Mule security filter processors to – Set filtering needs and parameters Support for – IP filtering (single, range, and CIDR) – Message expiry filtering All contents Copyright © 2011, MuleSoft Inc. 11
Mule Enterprise Security – Features Overview Feature Description Mule Secure Token Enables a Mule server to act as an OAuth Service (STS) – 2.0 authentication provider to protect OAuth 2.0 Provider specific mule flows. Mule Credential Vault Encrypt sensitive values (e.g. passwords) in your Mule message flows. Mule Security Filter Allow filtering of messages based on Processors security criteria: IP based and expiry based. Mule Digital Signature Simplifies the signing and verification of Processors XML Signatures within Mule flows. Mule Message Easily encrypt and decrypt sensitive data Encryption Processors in Mule messages. All contents Copyright © 2011, MuleSoft Inc. 12
Mule Enterprise Security 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 – Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 13
Q&A All contents Copyright © 2011, MuleSoft Inc. 15

Recommended

Joint Ariba SAP Roadmap
Joint Ariba SAP RoadmapJoint Ariba SAP Roadmap
Joint Ariba SAP RoadmapSAP Ariba
 
The Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftThe Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftMuleSoft
 
SAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftSAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftMuleSoft
 
IoT architecture
IoT architectureIoT architecture
IoT architectureSumit Sharma
 
The CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationThe CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationMuleSoft
 
Gluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueGluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueMuleSoft
 
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...MuleSoft
 
How to Get Unstuck
How to Get Unstuck How to Get Unstuck
How to Get Unstuck MuleSoft
 

Recommended

Joint Ariba SAP Roadmap
Joint Ariba SAP RoadmapJoint Ariba SAP Roadmap
Joint Ariba SAP RoadmapSAP Ariba
 
The Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftThe Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftMuleSoft
 
SAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftSAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftMuleSoft
 
IoT architecture
IoT architectureIoT architecture
IoT architectureSumit Sharma
 
The CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationThe CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationMuleSoft
 
Gluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueGluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueMuleSoft
 
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...MuleSoft
 
How to Get Unstuck
How to Get Unstuck How to Get Unstuck
How to Get Unstuck MuleSoft
 
Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformMuleSoft
 
How API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationHow API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationMuleSoft
 
Microservices on Anypoint Platform
Microservices on Anypoint PlatformMicroservices on Anypoint Platform
Microservices on Anypoint PlatformMuleSoft
 
Applying UX principles and methods to APIs
Applying UX principles and methods to APIs Applying UX principles and methods to APIs
Applying UX principles and methods to APIs MuleSoft
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseMuleSoft
 
Gathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkGathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkMuleSoft
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsMuleSoft
 
Governing and Sharing your Integration Assets
Governing and Sharing your Integration AssetsGoverning and Sharing your Integration Assets
Governing and Sharing your Integration AssetsMuleSoft
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applicationsMuleSoft
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0MuleSoft
 
Troubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformTroubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformMuleSoft
 
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)MuleSoft
 
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)MuleSoft
 
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)MuleSoft
 
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)MuleSoft
 
Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)MuleSoft
 
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardKnow What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardMuleSoft
 
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...MuleSoft
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

More Related Content

More from MuleSoft

Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformMuleSoft
 
How API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationHow API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationMuleSoft
 
Microservices on Anypoint Platform
Microservices on Anypoint PlatformMicroservices on Anypoint Platform
Microservices on Anypoint PlatformMuleSoft
 
Applying UX principles and methods to APIs
Applying UX principles and methods to APIs Applying UX principles and methods to APIs
Applying UX principles and methods to APIs MuleSoft
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseMuleSoft
 
Gathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkGathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkMuleSoft
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsMuleSoft
 
Governing and Sharing your Integration Assets
Governing and Sharing your Integration AssetsGoverning and Sharing your Integration Assets
Governing and Sharing your Integration AssetsMuleSoft
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applicationsMuleSoft
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0MuleSoft
 
Troubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformTroubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformMuleSoft
 
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)MuleSoft
 
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)MuleSoft
 
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)MuleSoft
 
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)MuleSoft
 
Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)MuleSoft
 
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardKnow What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardMuleSoft
 
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...MuleSoft
 

More from MuleSoft (20)

Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint Platform
 
How API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationHow API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy Modernization
 
Microservices on Anypoint Platform
Microservices on Anypoint PlatformMicroservices on Anypoint Platform
Microservices on Anypoint Platform
 
Applying UX principles and methods to APIs
Applying UX principles and methods to APIs Applying UX principles and methods to APIs
Applying UX principles and methods to APIs
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterprise
 
Gathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkGathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at Splunk
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment Options
 
Governing and Sharing your Integration Assets
Governing and Sharing your Integration AssetsGoverning and Sharing your Integration Assets
Governing and Sharing your Integration Assets
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applications
 
Object Store
Object StoreObject Store
Object Store
 
Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0
 
Troubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformTroubleshooting Anypoint Platform
Troubleshooting Anypoint Platform
 
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
 
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
 
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
 
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
 
Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)
 
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardKnow What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
 
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
 

Recently uploaded

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 

Recently uploaded (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 

Protect against threats with bullet-proof integration | MuleSoft

  • 1. Mule Enterprise Security Presenter: Reza Shafii, Director of Product Management MuleSoft, @mulesoft, @cloudhub
  • 2. Agenda Introducing Mule Enterprise Security Drill-down into – Mule STS OAuth 2.0 Provider – Mule Credential Vault – Mule Security Filter Processors Brief Overview of other New Mule Enterprise Security Features Wrap-up and Q&A All contents Copyright © 2011, MuleSoft Inc. 3
  • 3. Mule Enterprise Security - Benefits 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 - Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 4
  • 4. Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 5
  • 5. Mule STS OAuth 2.0 Provider - Why Protect your APIs Application End-Users with OAuth Applications (OAuth Clients) Enables credentials Mobile Apps Web Apps Mule Cloud Connector Apps to only be shared with a single, OAuth Protected central entity APIs Exposed by Mule Application (OAuth Service Provider) All contents Copyright © 2011, MuleSoft Inc. 6
  • 6. Mule STS OAuth 2.0 Provider - What Mule can act as an OAuth 2.0 provider OAuth element protects flow Supports for all OAuth 2.0 grant types Supported end-points – HTTP/S, Jetty, Servlet, Web Services All contents Copyright © 2011, MuleSoft Inc. 7
  • 7. Mule Credential Vault - Why Access external end-points without exposing their access credentials – Store credentials in encrypted format All contents Copyright © 2011, MuleSoft Inc. 8
  • 8. Mule Credential Vault - What Encrypt content of Mule application property files Mule Studio provides property value encryption tool Values decrypted upon access from Mule Flows All contents Copyright © 2011, MuleSoft Inc. 9
  • 9. Mule Security Filter Processors - Why Whitelist a specific set or range of IP addresses Enable expiry policy using message time-stamp All contents Copyright © 2011, MuleSoft Inc. 10
  • 10. Mule Security Filter Processors - What Use Mule security filter processors to – Set filtering needs and parameters Support for – IP filtering (single, range, and CIDR) – Message expiry filtering All contents Copyright © 2011, MuleSoft Inc. 11
  • 11. Mule Enterprise Security – Features Overview Feature Description Mule Secure Token Enables a Mule server to act as an OAuth Service (STS) – 2.0 authentication provider to protect OAuth 2.0 Provider specific mule flows. Mule Credential Vault Encrypt sensitive values (e.g. passwords) in your Mule message flows. Mule Security Filter Allow filtering of messages based on Processors security criteria: IP based and expiry based. Mule Digital Signature Simplifies the signing and verification of Processors XML Signatures within Mule flows. Mule Message Easily encrypt and decrypt sensitive data Encryption Processors in Mule messages. All contents Copyright © 2011, MuleSoft Inc. 12
  • 12. Mule Enterprise Security 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 – Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 13
  • 13. Q&A All contents Copyright © 2011, MuleSoft Inc. 15

Editor's Notes

  1. Slide 2: Housekeeping items Just a couple of housekeeping items before we get started: This session is being recorded and will be available immediately following the webinarYou can download the slides right now from the “attachments” tabIf you have content or technical questions, please feel free to ask them at any time by typing them into and sending them via the question button above the slides. We will answer questions at the end of the session but please feel free to send over questions as they arise. If we don’t get to your question or if you have any detailed use-case specific questions, you can submit them to our team of experts at tinyurl.com/askmulesoft 
  2. Go over the MES benefitsThen mention the fact that these benefits span solution areas
  3. Safe Access as per OAuth:- Allows you to protect any HTTP based interface for access – usually used for REST APIsTemporary and restricted access – Access is controlled through OAuth tokens which can have an expiry date and limited scope to allow for RBACOften consumed and used by Mobile apps
  4. Key for decrypting the properties is provided as a system property: <secure-property-placeholder:config key="${runtime.property}" location="test.qa.properties"/>./mule -D-Mruntime.propery=mySecretKey
  5. Useful for security gateway scenarios
  6. Go over the MES benefitsThen mention the fact that these benefits span solution areas
  7. Slide 2: Housekeeping items Just a couple of housekeeping items before we get started: This session is being recorded and will be available immediately following the webinarYou can download the slides right now from the “attachments” tabIf you have content or technical questions, please feel free to ask them at any time by typing them into and sending them via the question button above the slides. We will answer questions at the end of the session but please feel free to send over questions as they arise. If we don’t get to your question or if you have any detailed use-case specific questions, you can submit them to our team of experts at tinyurl.com/askmulesoft