SlideShare une entreprise Scribd logo

Zero Trust Security - Updated

Télécharger en tant que PPTX, PDF
Akshata Sawant
Akshata Sawant

Learning Objectives: Learn about API Security What is Zero Trust Security How to achieve Zero Trust Security to protect your API

Technologie
1  sur  24
All contents © MuleSoft, LLC Zero Trust Security for your APIs By Akshata Sawant, Developer Advocate at MuleSoft @sawantakshata02 /akshata-sawant-192a3a121
About Me ● Developer Advocate at MuleSoft ● 5+ yrs - MuleSoft, APIs & Integrations ● Author and blogger ● Love travelling & photography ● Big time foodie! <3 @sawantakshata02 /akshata-sawant-192a3a121
Agenda ● Need for API Security ● What is Zero Trust Security(ZTS) ● How to implement ZTS for your APIs ● QnA
Forward-looking statements This presentation contains forward-looking statements about the Company’s financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, stock-based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth, environmental, social and governance goals, expected capital allocation, including mergers and acquisitions, capital expenditures and other investments, expectations regarding closing contemplated acquisitions and contributions from acquired companies. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the Company’s results could differ materially from the results expressed or implied by the forward-looking statements it makes. The risks and uncertainties referred to above include those factors discussed in Salesforce’s reports filed from time to time with the Securities and Exchange Commission, including, but not limited to: risks associated with our ability to successfully integrate Slack Technologies, Inc.’s operations; our ability to realize the anticipated benefits of the Slack Technologies, Inc. transaction; the impact of Slack Technologies, Inc.’s business model on our ability to forecast revenue results; disruption from the transaction making it more difficult to maintain business and operational relationships; the impact of, and actions we may take in response to, the COVID-19 pandemic, related public health measures and resulting economic downturn and market volatility; our ability to maintain service performance and security levels meeting the expectations of our customers, and the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate performance degradation and security breaches; our ability to secure and costs related to data center capacity and other infrastructure provided by third parties; our reliance on third-party hardware, software and platform providers; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy; current and potential litigation involving us or our industry, including litigation involving acquired entities such as Tableau; regulatory developments and regulatory investigations involving us or affecting our industry; our ability to successfully introduce new services and product features, including any efforts to expand our services beyond the CRM market; the success of our strategy of acquiring or making investments in complementary businesses and strategic partnerships; our ability to compete in the market in which we participate; the success of our business strategy and our plan to build our business; our ability to execute our business plans; our ability to continue to grow unearned revenue and remaining performance obligation; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; our ability to limit customer attrition and costs related to those efforts; the success of our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations; our dependency on the development and maintenance of the infrastructure of the Internet; our real estate and office facilities strategy and related costs and uncertainties; fluctuations in, and our ability to predict, our operating results and cash flows; the variability in our results arising from the accounting for term license revenue products; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to protect our intellectual property rights; our ability to develop our brands; the valuation of our deferred tax assets and the release of related valuation allowances; uncertainties regarding our tax obligations in connection with potential jurisdictional transfers of intellectual property; uncertainties regarding the effect of general economic conditions; and risks related to our debt and lease obligations.
API Security is a major concern 41% of organizations suffered API Security issues in the last year JML Servers Clients (Users & Apps) API
Any GTA fans here?
Zero Trust Security Never trust; always verify Never Trust; Always Verify Least Privilege and Default Deny Full Visibility and Inspection Centralized Management
How to achieve ZTS for your APIs? Layered security approach
Tools-in-action
Process layer Experience layer System layer Illustrative Order Management system Rate-Limiting CORS Basic Auth- LDAP Header-injection Rate-limiting JWT Basic Authentication Header Injection CORS OAuth MFA Basic-Authentication Header Removal JWT Policy Custom Policy Rate-limiting SLA Based
Process layer Experience layer System layer Illustrative Layered security with API-led connectivity Line 1 Line 2 Basic Auth- LDAP Line 1 Line 2 Line 1 Line 2 JWT Line 1 Line 2 Line 1 Line 2 OAuth MFA Line 1 Line 2 Line 1 Line 2 JWT Line 1 Line 2
Unlock and unify data anywhere Integrate systems wherever they reside — on- premises, cloud, or hybrid Securely empower your business with APIs Allow API discovery and reuse with centralized management and governance Create seamless digital experiences, faster Easily apply proven assets and best practices from an API and integration marketplace MuleSoft Anypoint Platform World’s #1 integration and API platform Source: MuleSoft customer case studies 3x faster with reuse vs. custom code
14 Universal API Management on Anypoint Platform Build new APIs from scratch Manage APIs to consistent quality and security Maxie API developer Dan API owner
15 Demo 1: Build APIs following security standards Build new APIs from scratch Maxie API developer ❖ Build API Specification (Design first!) ❖ Catalog APIs from existing repository ❖ Implement and test business logic ❖ Deploy application & monitor performance
Let us head over to Anypoint Platform
18 Demo 1: Build APIs following security standards Build new APIs from scratch Maxie API developer
19 2: Manage and Secure APIs Manage APIs to consistent quality and security Dan API owner ❖ Proxy APIs built by developers ❖ Add security & SLA policies ❖ Manage & approve contracts ❖ Monitor services & diagnose issues ❖ Ensure specifications conform to governance standards
Let us head over to Anypoint Platform
Security and governance by default Start with a secure foundation Build on a platform with ISO 27001, SOC 1 & 2, HIPAA, PCI DSS and GDPR compliance Protect your deployment environments Enforce threat protection at each edge perimeter automatically using Anypoint Security Secure each service consistently Secure and manage any individual API, groups of APIs, or Kubernetes based microservices with API Manager and Anypoint Service Mesh Follow a zero-trust model by applying security in layers
● Need for API Security ● What is zero trust security ● MuleSoft Anypoint Platform and it’s capabilities ● How to apply policies and achieve layered security Key Takeaways
Next Steps https://www.mulesoft.com Join the Community Watch us on LIVE on Twitch Try Anypoint Platform for free
Available on amazon.com and Packt Publication MuleSoft for Salesforce Developers Amazon: https://amzn.to/3KeI5kX
QnA? You can also reach out to us on for further queries https://www.mulesoft.com @sawantakshata02 /akshata-sawant-192a3a121
Thank you

Recommandé

[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx
jorgelebrato
 
DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...
DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...
DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...
Big Compass
 
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
apidays
 
Perth Meetup December 2021
Perth Meetup December 2021Perth Meetup December 2021
Perth Meetup December 2021
Michael Price
 
Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...
Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...
Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...
Big Compass
 
Nonprofit User Group.pdf
Nonprofit User Group.pdfNonprofit User Group.pdf
Nonprofit User Group.pdf
MarianaLemus7
 
Summer-22-FG-Mai-2022
Summer-22-FG-Mai-2022Summer-22-FG-Mai-2022
Summer-22-FG-Mai-2022
Thierry TROUIN ☁
 
Jaipur MuleSoft Meetup No. 3
Jaipur MuleSoft Meetup No. 3Jaipur MuleSoft Meetup No. 3
Jaipur MuleSoft Meetup No. 3
Lalit Panwar
 

Recommandé

[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx
jorgelebrato
 
DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...
DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...
DC MuleSoft Meetup: TDX Talk: API Security The 3 Keys To Protect Your Digital...
Big Compass
 
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
apidays
 
Perth Meetup December 2021
Perth Meetup December 2021Perth Meetup December 2021
Perth Meetup December 2021
Michael Price
 
Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...
Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...
Denver MuleSoft Meetup: TDX Talk - Automatically Secure and Manage any API at...
Big Compass
 
Nonprofit User Group.pdf
Nonprofit User Group.pdfNonprofit User Group.pdf
Nonprofit User Group.pdf
MarianaLemus7
 
Summer-22-FG-Mai-2022
Summer-22-FG-Mai-2022Summer-22-FG-Mai-2022
Summer-22-FG-Mai-2022
Thierry TROUIN ☁
 
Jaipur MuleSoft Meetup No. 3
Jaipur MuleSoft Meetup No. 3Jaipur MuleSoft Meetup No. 3
Jaipur MuleSoft Meetup No. 3
Lalit Panwar
 
Architecting Integrations for Observability.pdf
Architecting Integrations for Observability.pdfArchitecting Integrations for Observability.pdf
Architecting Integrations for Observability.pdf
Manik S Magar
 
Implementing Einstein OCR
Implementing Einstein OCRImplementing Einstein OCR
Implementing Einstein OCR
Mohith Shrivastava
 
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Salesforce Developers
 
WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too! WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too!
Salesforce Admins
 
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Prag Ravichandran Kamalaveni (he/him)
 
Let's Learn About Heroku and How to Integrate with Salesforce
Let's Learn About Heroku and How to Integrate with SalesforceLet's Learn About Heroku and How to Integrate with Salesforce
Let's Learn About Heroku and How to Integrate with Salesforce
Sudipta Deb ☁
 
Alba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdfAlba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdf
MarkPawlikowski2
 
TDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UGTDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UG
Stephan Chandler-Garcia
 
Release Winter 22 FR
Release Winter 22 FRRelease Winter 22 FR
Release Winter 22 FR
Thierry TROUIN ☁
 
Winter 22 release
Winter 22 releaseWinter 22 release
Winter 22 release
Doria Hamelryk
 
Real-time Salesforce1 Dashboards with Raspberry-pi & Heroku
Real-time Salesforce1 Dashboards with Raspberry-pi & HerokuReal-time Salesforce1 Dashboards with Raspberry-pi & Heroku
Real-time Salesforce1 Dashboards with Raspberry-pi & Heroku
Salesforce Developers
 
Admin Best Practices: Introducing Einstein Recommendation Builder
Admin Best Practices: Introducing Einstein Recommendation BuilderAdmin Best Practices: Introducing Einstein Recommendation Builder
Admin Best Practices: Introducing Einstein Recommendation Builder
Salesforce Admins
 
Anypoint_Code_Builder_-Toronto Meetup.pptx
Anypoint_Code_Builder_-Toronto Meetup.pptxAnypoint_Code_Builder_-Toronto Meetup.pptx
Anypoint_Code_Builder_-Toronto Meetup.pptx
Anurag Dwivedi
 
tdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdf
tdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdftdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdf
tdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdf
MubeenQawi1
 
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
DianeKesler2
 
Summer '20 preview release overview-deck
Summer '20 preview release overview-deckSummer '20 preview release overview-deck
Summer '20 preview release overview-deck
Alan Thomas Payne
 
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Stephanie Lawrence
 
Composer Overview Meetup.pdf
Composer Overview Meetup.pdfComposer Overview Meetup.pdf
Composer Overview Meetup.pdf
Jimmy Attia
 
MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys
Angel Alberici
 
Toronto Developer Group - Winter 24' Release Highlights.pptx
Toronto Developer Group - Winter 24' Release Highlights.pptxToronto Developer Group - Winter 24' Release Highlights.pptx
Toronto Developer Group - Winter 24' Release Highlights.pptx
Karanraj Sankaranarayanan
 
Anypoint Tools and MuleSoft Automation (DRAFT).pptx
Anypoint Tools and MuleSoft Automation (DRAFT).pptxAnypoint Tools and MuleSoft Automation (DRAFT).pptx
Anypoint Tools and MuleSoft Automation (DRAFT).pptx
Akshata Sawant
 
London MuleSoft Meetup
London MuleSoft Meetup London MuleSoft Meetup
London MuleSoft Meetup
Akshata Sawant
 

Contenu connexe

Similaire à Zero Trust Security - Updated

Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Prag Ravichandran Kamalaveni (he/him)
 
Alba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdfAlba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdf
MarkPawlikowski2
 
Release Winter 22 FR
Release Winter 22 FRRelease Winter 22 FR
Release Winter 22 FR
Thierry TROUIN ☁
 
Admin Best Practices: Introducing Einstein Recommendation Builder
Admin Best Practices: Introducing Einstein Recommendation BuilderAdmin Best Practices: Introducing Einstein Recommendation Builder
Admin Best Practices: Introducing Einstein Recommendation Builder
Salesforce Admins
 
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Stephanie Lawrence
 

Similaire à Zero Trust Security - Updated (20)

Architecting Integrations for Observability.pdf
Architecting Integrations for Observability.pdfArchitecting Integrations for Observability.pdf
Architecting Integrations for Observability.pdf
 
Implementing Einstein OCR
Implementing Einstein OCRImplementing Einstein OCR
Implementing Einstein OCR
 
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
 
WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too! WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too!
 
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
 
Let's Learn About Heroku and How to Integrate with Salesforce
Let's Learn About Heroku and How to Integrate with SalesforceLet's Learn About Heroku and How to Integrate with Salesforce
Let's Learn About Heroku and How to Integrate with Salesforce
 
Alba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdfAlba Rivas - Building Slack Applications with Bolt.js.pdf
Alba Rivas - Building Slack Applications with Bolt.js.pdf
 
TDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UGTDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UG
 
Release Winter 22 FR
Release Winter 22 FRRelease Winter 22 FR
Release Winter 22 FR
 
Winter 22 release
Winter 22 releaseWinter 22 release
Winter 22 release
 
Real-time Salesforce1 Dashboards with Raspberry-pi & Heroku
Real-time Salesforce1 Dashboards with Raspberry-pi & HerokuReal-time Salesforce1 Dashboards with Raspberry-pi & Heroku
Real-time Salesforce1 Dashboards with Raspberry-pi & Heroku
 
Admin Best Practices: Introducing Einstein Recommendation Builder
Admin Best Practices: Introducing Einstein Recommendation BuilderAdmin Best Practices: Introducing Einstein Recommendation Builder
Admin Best Practices: Introducing Einstein Recommendation Builder
 
Anypoint_Code_Builder_-Toronto Meetup.pptx
Anypoint_Code_Builder_-Toronto Meetup.pptxAnypoint_Code_Builder_-Toronto Meetup.pptx
Anypoint_Code_Builder_-Toronto Meetup.pptx
 
tdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdf
tdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdftdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdf
tdx20cosenhancingyourcrmwitheinsteinai1592951856546.pdf
 
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
 
Summer '20 preview release overview-deck
Summer '20 preview release overview-deckSummer '20 preview release overview-deck
Summer '20 preview release overview-deck
 
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security
 
Composer Overview Meetup.pdf
Composer Overview Meetup.pdfComposer Overview Meetup.pdf
Composer Overview Meetup.pdf
 
MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys
 
Toronto Developer Group - Winter 24' Release Highlights.pptx
Toronto Developer Group - Winter 24' Release Highlights.pptxToronto Developer Group - Winter 24' Release Highlights.pptx
Toronto Developer Group - Winter 24' Release Highlights.pptx
 

Plus de Akshata Sawant

Mumbai MuleSoft Meetup #22.pptx
Mumbai MuleSoft Meetup #22.pptxMumbai MuleSoft Meetup #22.pptx
Mumbai MuleSoft Meetup #22.pptx
Akshata Sawant
 
Manchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptxManchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptx
Akshata Sawant
 
Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7 Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7
Akshata Sawant
 

Plus de Akshata Sawant (20)

Anypoint Tools and MuleSoft Automation (DRAFT).pptx
Anypoint Tools and MuleSoft Automation (DRAFT).pptxAnypoint Tools and MuleSoft Automation (DRAFT).pptx
Anypoint Tools and MuleSoft Automation (DRAFT).pptx
 
London MuleSoft Meetup
London MuleSoft Meetup London MuleSoft Meetup
London MuleSoft Meetup
 
Mumbai MuleSoft Meetup #22.pptx
Mumbai MuleSoft Meetup #22.pptxMumbai MuleSoft Meetup #22.pptx
Mumbai MuleSoft Meetup #22.pptx
 
Mumbai MuleSoft Meetup #21
Mumbai MuleSoft Meetup #21Mumbai MuleSoft Meetup #21
Mumbai MuleSoft Meetup #21
 
Manchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptxManchester MuleSoft Meetup #8 - 28 Sept.pptx
Manchester MuleSoft Meetup #8 - 28 Sept.pptx
 
London MuleSoft Meetup 15 Sept
London MuleSoft Meetup 15 SeptLondon MuleSoft Meetup 15 Sept
London MuleSoft Meetup 15 Sept
 
Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7 Manchester MuleSoft Meetup #7
Manchester MuleSoft Meetup #7
 
Zero Trust Security in practice.pptx
Zero Trust Security in practice.pptxZero Trust Security in practice.pptx
Zero Trust Security in practice.pptx
 
Mumbai MuleSoft Meetup #20
Mumbai MuleSoft Meetup #20Mumbai MuleSoft Meetup #20
Mumbai MuleSoft Meetup #20
 
Power of Einstein Analytics - Salesforce + Mulesoft
Power of Einstein Analytics - Salesforce + Mulesoft Power of Einstein Analytics - Salesforce + Mulesoft
Power of Einstein Analytics - Salesforce + Mulesoft
 
Mumbai MuleSoft Meetup #19 - Anypoint monitoring and MQ Integrations
Mumbai MuleSoft Meetup #19 - Anypoint monitoring and MQ IntegrationsMumbai MuleSoft Meetup #19 - Anypoint monitoring and MQ Integrations
Mumbai MuleSoft Meetup #19 - Anypoint monitoring and MQ Integrations
 
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
 
Mumbai MuleSoft Meetup #18
Mumbai MuleSoft Meetup #18Mumbai MuleSoft Meetup #18
Mumbai MuleSoft Meetup #18
 
Mumbai MuleSoft Meetup #17 - GraphQL
Mumbai MuleSoft Meetup #17 - GraphQLMumbai MuleSoft Meetup #17 - GraphQL
Mumbai MuleSoft Meetup #17 - GraphQL
 
Mumbai MuleSoft Meetup #15
Mumbai MuleSoft Meetup #15Mumbai MuleSoft Meetup #15
Mumbai MuleSoft Meetup #15
 
Mumbai MuleSoft Meetup 13
Mumbai MuleSoft Meetup 13Mumbai MuleSoft Meetup 13
Mumbai MuleSoft Meetup 13
 
Mumbai MuleSoft Meetup 12
Mumbai MuleSoft Meetup 12Mumbai MuleSoft Meetup 12
Mumbai MuleSoft Meetup 12
 
Mumbai MuleSoft Meetup 11
Mumbai MuleSoft Meetup 11Mumbai MuleSoft Meetup 11
Mumbai MuleSoft Meetup 11
 
Meet up slides_mumbai_05022020_final
Meet up slides_mumbai_05022020_finalMeet up slides_mumbai_05022020_final
Meet up slides_mumbai_05022020_final
 
Meet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_finalMeet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_final
 

Dernier

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 

Dernier (20)

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Zero Trust Security - Updated

  • 1. All contents © MuleSoft, LLC Zero Trust Security for your APIs By Akshata Sawant, Developer Advocate at MuleSoft @sawantakshata02 /akshata-sawant-192a3a121
  • 2. About Me ● Developer Advocate at MuleSoft ● 5+ yrs - MuleSoft, APIs & Integrations ● Author and blogger ● Love travelling & photography ● Big time foodie! <3 @sawantakshata02 /akshata-sawant-192a3a121
  • 3. Agenda ● Need for API Security ● What is Zero Trust Security(ZTS) ● How to implement ZTS for your APIs ● QnA
  • 4. Forward-looking statements This presentation contains forward-looking statements about the Company’s financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, stock-based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth, environmental, social and governance goals, expected capital allocation, including mergers and acquisitions, capital expenditures and other investments, expectations regarding closing contemplated acquisitions and contributions from acquired companies. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the Company’s results could differ materially from the results expressed or implied by the forward-looking statements it makes. The risks and uncertainties referred to above include those factors discussed in Salesforce’s reports filed from time to time with the Securities and Exchange Commission, including, but not limited to: risks associated with our ability to successfully integrate Slack Technologies, Inc.’s operations; our ability to realize the anticipated benefits of the Slack Technologies, Inc. transaction; the impact of Slack Technologies, Inc.’s business model on our ability to forecast revenue results; disruption from the transaction making it more difficult to maintain business and operational relationships; the impact of, and actions we may take in response to, the COVID-19 pandemic, related public health measures and resulting economic downturn and market volatility; our ability to maintain service performance and security levels meeting the expectations of our customers, and the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate performance degradation and security breaches; our ability to secure and costs related to data center capacity and other infrastructure provided by third parties; our reliance on third-party hardware, software and platform providers; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy; current and potential litigation involving us or our industry, including litigation involving acquired entities such as Tableau; regulatory developments and regulatory investigations involving us or affecting our industry; our ability to successfully introduce new services and product features, including any efforts to expand our services beyond the CRM market; the success of our strategy of acquiring or making investments in complementary businesses and strategic partnerships; our ability to compete in the market in which we participate; the success of our business strategy and our plan to build our business; our ability to execute our business plans; our ability to continue to grow unearned revenue and remaining performance obligation; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; our ability to limit customer attrition and costs related to those efforts; the success of our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations; our dependency on the development and maintenance of the infrastructure of the Internet; our real estate and office facilities strategy and related costs and uncertainties; fluctuations in, and our ability to predict, our operating results and cash flows; the variability in our results arising from the accounting for term license revenue products; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to protect our intellectual property rights; our ability to develop our brands; the valuation of our deferred tax assets and the release of related valuation allowances; uncertainties regarding our tax obligations in connection with potential jurisdictional transfers of intellectual property; uncertainties regarding the effect of general economic conditions; and risks related to our debt and lease obligations.
  • 5. API Security is a major concern 41% of organizations suffered API Security issues in the last year JML Servers Clients (Users & Apps) API
  • 7. Zero Trust Security Never trust; always verify Never Trust; Always Verify Least Privilege and Default Deny Full Visibility and Inspection Centralized Management
  • 8. How to achieve ZTS for your APIs? Layered security approach
  • 10. Process layer Experience layer System layer Illustrative Order Management system Rate-Limiting CORS Basic Auth- LDAP Header-injection Rate-limiting JWT Basic Authentication Header Injection CORS OAuth MFA Basic-Authentication Header Removal JWT Policy Custom Policy Rate-limiting SLA Based
  • 11. Process layer Experience layer System layer Illustrative Layered security with API-led connectivity Line 1 Line 2 Basic Auth- LDAP Line 1 Line 2 Line 1 Line 2 JWT Line 1 Line 2 Line 1 Line 2 OAuth MFA Line 1 Line 2 Line 1 Line 2 JWT Line 1 Line 2
  • 12. Unlock and unify data anywhere Integrate systems wherever they reside — on- premises, cloud, or hybrid Securely empower your business with APIs Allow API discovery and reuse with centralized management and governance Create seamless digital experiences, faster Easily apply proven assets and best practices from an API and integration marketplace MuleSoft Anypoint Platform World’s #1 integration and API platform Source: MuleSoft customer case studies 3x faster with reuse vs. custom code
  • 13. 14 Universal API Management on Anypoint Platform Build new APIs from scratch Manage APIs to consistent quality and security Maxie API developer Dan API owner
  • 14. 15 Demo 1: Build APIs following security standards Build new APIs from scratch Maxie API developer ❖ Build API Specification (Design first!) ❖ Catalog APIs from existing repository ❖ Implement and test business logic ❖ Deploy application & monitor performance
  • 15. Let us head over to Anypoint Platform
  • 16. 18 Demo 1: Build APIs following security standards Build new APIs from scratch Maxie API developer
  • 17. 19 2: Manage and Secure APIs Manage APIs to consistent quality and security Dan API owner ❖ Proxy APIs built by developers ❖ Add security & SLA policies ❖ Manage & approve contracts ❖ Monitor services & diagnose issues ❖ Ensure specifications conform to governance standards
  • 18. Let us head over to Anypoint Platform
  • 19. Security and governance by default Start with a secure foundation Build on a platform with ISO 27001, SOC 1 & 2, HIPAA, PCI DSS and GDPR compliance Protect your deployment environments Enforce threat protection at each edge perimeter automatically using Anypoint Security Secure each service consistently Secure and manage any individual API, groups of APIs, or Kubernetes based microservices with API Manager and Anypoint Service Mesh Follow a zero-trust model by applying security in layers
  • 20. ● Need for API Security ● What is zero trust security ● MuleSoft Anypoint Platform and it’s capabilities ● How to apply policies and achieve layered security Key Takeaways
  • 21. Next Steps https://www.mulesoft.com Join the Community Watch us on LIVE on Twitch Try Anypoint Platform for free
  • 22. Available on amazon.com and Packt Publication MuleSoft for Salesforce Developers Amazon: https://amzn.to/3KeI5kX
  • 23. QnA? You can also reach out to us on for further queries https://www.mulesoft.com @sawantakshata02 /akshata-sawant-192a3a121