SlideShare une entreprise Scribd logo

Application Security with NGINX | APAC

N
NGINX, Inc.

About the Webinar In this webinar we demonstrate how to implement effective security controls for your application infrastructure, without impacting release velocity or application performance. Join Chris Witeck and Rajiv Kapoor as they showcase NGINX App Protect and the upcoming security capabilities within NGINX Controller, with specific business use cases in mind. On-Demand Link: https://www.nginx.com/resources/webinars/application-security-nginx-apcj/

Logiciels
1  sur  27
Télécharger pour lire hors ligne
NGINX App Sec August 2020 Chris Witeck – Director of Product Management Rajiv Kapoor – Sr Product Marketing Manager Daniel Edgar – Sr Technical Product Manager
| ©2020 F52 SECURING CRITICAL BUSINESS APPLICATIONS WITH NGINX Agenda Challenges with Securing Modern Apps NGINX Portfolio Overview NGINX Plus Application Security NGINX App Protect Demo NGINX Controller Application Security NGINX Offer Summary
| ©2020 F53 Challenges With Securing Modern Apps
| ©2020 F54 DevOps view of SecOpsSecOps view of DevOps SecOps
| ©2020 F55 Application DevelopmentThe Market • Proliferation of architectures • The same vulnerabilities (e.g. injection, cross-site scripting) continue to exist after 20 years of application security best practices • Organizations lack consistent policy to manage the growing complexity and risk of managing/tuning application security • cost of security breaches -- downtime/lost revenue • Application development has transformed to agile while security largely remains a manual effort • Developers and DevOps outnumber security professionals by as much as 100:1 • Time to market pressure, friction between AppDev/DevOps and SecOps, and perception of security as a bottleneck results in poor testing, process, oversight Pain points
| ©2020 F56 DevOpsSecOps AppDev • Understaffed and struggle to keep up with rapidly changing threats • Business leaders consider Compliance Vs Security the goal • Inconsistent security policies spanning multiple architectures, clouds and tool sprawl creates risk • Security slows down the application lifecycle and is perceived as a bottleneck • CI/CD pipelines that automate app development/deployment lack security • Business imperatives and incentives such as time to market compel DevOps to bypass SecOps. DevOps KPIs do not include security-related metrics • Developer training on security is lacking • Developers are focused on modern app development and are not able to stay abreast of the security landscape • Cloud and open-source software introduce unknown risks to the business Pain points
| ©2020 F57 DEVOPS / APPLICATIONS NETOPS / OPERATIONS Application Business Logic End User Most applications require numerous application services between the code and the customer APPLICATION DELIVERY ExamplesAPI gateway Ingress controller App / web server Load balancer
| ©2020 F58 DEVOPS / APPLICATIONS NETOPS / OPERATIONS What challenges emerge when security enters the picture? DEVSECOPS Application business logic End-user APPLICATION SECURITY APPLICATION DELIVERY
| ©2020 F59 Application business logic End-user The Modern Application Security Challenge: Operational silos, complexity, and ultimately friction API gateway Web app firewall Ingress controller App / web server Denial of service Anti-fraud & anti-bot Load balancer Secure access Traditional 3-Tier Microservices App architectures & infrastructure environments APPLICATION SECURITY Examples APPLICATION DELIVERY Examples DEVOPS / APPLICATIONS DEVSECOPS NETOPS / OPERATIONS
| ©2020 F510 App services must include both app delivery and app security, which reinforce each other through visibility and controls APPLICATION SECURITY APPLICATION DELIVERY Visibility Controls Application Business Logic End User DEVOPS / APPLICATIONS NETOPS / OPERATIONS DEVSECOPS Visibility across app services More easily embed security along the data path Apply policies and controls consistently
| ©2020 F511 Layered on top should include a mature control plane to orchestrate & automate app services APPLICATION SECURITY APPLICATION DELIVERY Application Business Logic End User APPLICATION INSIGHTS, AUTOMATION & ORCHESTRATION Simplify operational complexity Provide business insights and value Secure modern applications
| ©2020 F512 NGINX Application Security
| ©2020 F513 Addressing application security challenges Embed Security Policy Your Pipeline Secure Modern Apps Improve App Performance “Docker instances that have an unprotected port are used to instantiate a container running Ubuntu Linux, install a download utility, and then execute a 600-line program written in the Go programming language. The script attempts to turn off security, stop any competing cryptominers, and download the malicious cryptominer known as "Kinsing." – Dark Reading, April 2020 “many security and compliance monitoring tools have not kept up with this pace of change, as they simply weren’t built to test code at the speed DevOps requires. This has only solidified the view that security is the biggest block to rapid application development…” – What is DevSecOps? CSO Online Jan 2018 “Tools that don’t integrate into the Software Development Lifecycle disrupt DevSecOps initiatives and development processes, rather than supporting them.” – The challenges of shifting to DevSecOps- ITProPortal, Sept 2018
| ©2020 F514 Addressing application security challenges Embed Security Policy Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Improve App Performance The high performance WAF drives down operational costs and improve user the user experience without compromising security. security policies and protection optimized for DevOps workflow secure apps for any environment with consistency and centralized visibility security services and tools adaptable per app & technology NGINX Investments “Focus on Guardrails vs Gates” “Build Once, Run Anywhere” “Adaptive & Scalable App Services"
| ©2020 F515 NGINX Portfolio
NGINX Plus Application Security
Platform control planes Legacy NGINX Controller ● F5 BIG-IQ ● Third-party ecosystems ● Build Your Own Eliminate tool sprawl | Lightweight and highly portable | Abstract underlying infrastructure NGINX Plus NGINX App Protect
Strong App Security Built for Modern App Architectures CI/CD Friendly NGINX App Protect
| ©2020 F520 NGINX App Protect Deployment Options Edge Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Multiple locations to deploy Application Services: 1. Edge: External load balancers and proxies 2. Ingress Controller: Entry-point into Kubernetes 3. Per-Service Proxy: Interior service proxy tier 4. Per-Pod Proxy: Proxy embedded in pod 1 23 4
| ©2020 F521 NGINX App Protect Demo
| ©2020 F522 NGINX Controller Application Security
| ©2020 F5 NETWORKS23 CONFIDENTIAL NGINX Controller Innovations Seamless NGINX Plus Management App-Centric User Interface Visibility & Reporting Modular, Cross- Team Workflows APP Fastest, most lightweight and deployable across more platforms anyone Configuration and visibility aligned to how teams develop applications Detailed visibility into NGINX Plus deployment, and app centric analytics Consolidates team workflows and use cases Automation- Driven Configuration API Automates services deployment across pipelines reducing overhead & complexity
| ©2020 F5 NETWORKS24 Respond with Intelligent Insights Simplify Code to Customer Delivery Empower with Self- Service NGINX Controller Future Add-On
| ©2020 F5 NETWORKS25 SUMMER BETA, FALL COMMERCIAL AVAILABILITY NGINX Controller App Security
NGINX Controller App Sec Module (Summer/Fall 2020) AppSec Offer Summary NGINX App Protect for NGINX Plus (available now) ModSecurity for NGINX Plus (available now) ModSecurity OSS (available now) à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
NGINX App Protect 1. Request a free trial of NGINX App Protect: https://www.nginx.com/free-trial-request/ 2. Learn more : https://www.nginx.com/products/nginx- app-protect/ NGINX Controller 1. Request a free trial of NGINX Controller: https://www.nginx.com/free-trial-request-nginx- controller/ 2. Learn more: https://www.nginx.com/products/nginx- Want to Learn More?
| ©2018 F5 NETWORKS28

Recommandé

Controller and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API ManagementController and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API ManagementNGINX, Inc.
 
Best Practices for DevOps-Friendly API Management
Best Practices for DevOps-Friendly API ManagementBest Practices for DevOps-Friendly API Management
Best Practices for DevOps-Friendly API ManagementNGINX, Inc.
 
Why CIOs Need Real-Time APIs to Drive Competitive Digital Businesses
Why CIOs Need Real-Time APIs to Drive Competitive Digital BusinessesWhy CIOs Need Real-Time APIs to Drive Competitive Digital Businesses
Why CIOs Need Real-Time APIs to Drive Competitive Digital BusinessesNGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...NGINX, Inc.
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsNGINX, Inc.
 
Découvrez NGINX AppProtect
Découvrez NGINX AppProtectDécouvrez NGINX AppProtect
Découvrez NGINX AppProtectNGINX, Inc.
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero
Deploy and Secure Your API Gateway with NGINX: From Zero to HeroDeploy and Secure Your API Gateway with NGINX: From Zero to Hero
Deploy and Secure Your API Gateway with NGINX: From Zero to HeroNGINX, Inc.
 
Monitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicMonitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicNGINX, Inc.
 

Recommandé

Controller and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API ManagementController and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API ManagementNGINX, Inc.
 
Best Practices for DevOps-Friendly API Management
Best Practices for DevOps-Friendly API ManagementBest Practices for DevOps-Friendly API Management
Best Practices for DevOps-Friendly API ManagementNGINX, Inc.
 
Why CIOs Need Real-Time APIs to Drive Competitive Digital Businesses
Why CIOs Need Real-Time APIs to Drive Competitive Digital BusinessesWhy CIOs Need Real-Time APIs to Drive Competitive Digital Businesses
Why CIOs Need Real-Time APIs to Drive Competitive Digital BusinessesNGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...NGINX, Inc.
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsNGINX, Inc.
 
Découvrez NGINX AppProtect
Découvrez NGINX AppProtectDécouvrez NGINX AppProtect
Découvrez NGINX AppProtectNGINX, Inc.
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero
Deploy and Secure Your API Gateway with NGINX: From Zero to HeroDeploy and Secure Your API Gateway with NGINX: From Zero to Hero
Deploy and Secure Your API Gateway with NGINX: From Zero to HeroNGINX, Inc.
 
Monitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicMonitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicNGINX, Inc.
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJDeploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJNGINX, Inc.
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT AgilityNGINX, Inc.
 
Nim tames sprawl
Nim tames sprawlNim tames sprawl
Nim tames sprawlNGINX, Inc.
 
Application Security with NGINX
Application Security with NGINXApplication Security with NGINX
Application Security with NGINXNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerNGINX, Inc.
 
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerAutomate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerNGINX, Inc.
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXStrengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXNGINX, Inc.
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservicesNGINX, Inc.
 
Accélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerAccélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Extend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server DatabasesExtend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server DatabasesRed Gate Software
 
Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudOlivia LaMar
 
Deployment Patterns for API gateways
Deployment Patterns for API gateways Deployment Patterns for API gateways
Deployment Patterns for API gateways NGINX, Inc.
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...NGINX, Inc.
 
NGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX, Inc.
 
Application delivery controllers
Application delivery controllersApplication delivery controllers
Application delivery controllerscubixtech
 
API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​NGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXNGINX, Inc.
 
Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2NGINX, Inc.
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPOlivia LaMar
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXEasily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXNGINX, Inc.
 

Contenu connexe

Tendances

Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJDeploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJNGINX, Inc.
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT AgilityNGINX, Inc.
 
Nim tames sprawl
Nim tames sprawlNim tames sprawl
Nim tames sprawlNGINX, Inc.
 
Application Security with NGINX
Application Security with NGINXApplication Security with NGINX
Application Security with NGINXNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerNGINX, Inc.
 
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerAutomate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerNGINX, Inc.
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXStrengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXNGINX, Inc.
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservicesNGINX, Inc.
 
Accélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerAccélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Extend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server DatabasesExtend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server DatabasesRed Gate Software
 
Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudOlivia LaMar
 
Deployment Patterns for API gateways
Deployment Patterns for API gateways Deployment Patterns for API gateways
Deployment Patterns for API gateways NGINX, Inc.
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...NGINX, Inc.
 
NGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX, Inc.
 
Application delivery controllers
Application delivery controllersApplication delivery controllers
Application delivery controllerscubixtech
 
API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​NGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXNGINX, Inc.
 
Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2NGINX, Inc.
 

Tendances (20)

Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJDeploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT Agility
 
Nim tames sprawl
Nim tames sprawlNim tames sprawl
Nim tames sprawl
 
Application Security with NGINX
Application Security with NGINXApplication Security with NGINX
Application Security with NGINX
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress Controller
 
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX ControllerAutomate your NGINX Environment with the Ansible Collection for NGINX Controller
Automate your NGINX Environment with the Ansible Collection for NGINX Controller
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXStrengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservices
 
Accélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerAccélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX Controller
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Extend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server DatabasesExtend DevOps to Your SQL Server Databases
Extend DevOps to Your SQL Server Databases
 
Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the Cloud
 
Deployment Patterns for API gateways
Deployment Patterns for API gateways Deployment Patterns for API gateways
Deployment Patterns for API gateways
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
 
NGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJ
 
Application delivery controllers
Application delivery controllersApplication delivery controllers
Application delivery controllers
 
API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Driving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINXDriving Success In The Cloud With NGINX
Driving Success In The Cloud With NGINX
 
Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2Demystifying AuthN/AuthZ Using OIDC & OAuth2
Demystifying AuthN/AuthZ Using OIDC & OAuth2
 

Similaire à Application Security with NGINX | APAC

Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPOlivia LaMar
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXEasily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXNGINX, Inc.
 
Secure Your Kubernetes Apps from Attacks with NGINX
Secure Your Kubernetes Apps from Attacks with NGINXSecure Your Kubernetes Apps from Attacks with NGINX
Secure Your Kubernetes Apps from Attacks with NGINXNGINX, Inc.
 
F5 Distributed Cloud.pptx
F5 Distributed Cloud.pptxF5 Distributed Cloud.pptx
F5 Distributed Cloud.pptxabenyeung1
 
Modern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyModern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyDevOps Indonesia
 
F5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-CloudF5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-Cloudabenyeung1
 
Shift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXShift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXNGINX, Inc.
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpMitchell Pronschinske
 
Successfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINXSuccessfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINXNGINX, Inc.
 
Get the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXGet the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXNGINX, Inc.
 
Web Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesWeb Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesAvi Networks
 
F5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application DelieveryF5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application Delieverystkannan1
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsXebiaLabs
 
Secured APIM-as-a-Service
Secured APIM-as-a-ServiceSecured APIM-as-a-Service
Secured APIM-as-a-ServiceNGINX, Inc.
 
From Code to Customer with F5 and NGNX London Nov 19
From Code to Customer with F5 and NGNX London Nov 19From Code to Customer with F5 and NGNX London Nov 19
From Code to Customer with F5 and NGNX London Nov 19NGINX, Inc.
 
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Amazon Web Services
 
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!JessiRyan1
 
Testing 12-Factor Apps
Testing 12-Factor AppsTesting 12-Factor Apps
Testing 12-Factor AppsPhillip Marlow
 
Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Fong Yee Long
 
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Amazon Web Services
 

Similaire à Application Security with NGINX | APAC (20)

Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXEasily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINX
 
Secure Your Kubernetes Apps from Attacks with NGINX
Secure Your Kubernetes Apps from Attacks with NGINXSecure Your Kubernetes Apps from Attacks with NGINX
Secure Your Kubernetes Apps from Attacks with NGINX
 
F5 Distributed Cloud.pptx
F5 Distributed Cloud.pptxF5 Distributed Cloud.pptx
F5 Distributed Cloud.pptx
 
Modern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyModern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API Friendly
 
F5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-CloudF5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-Cloud
 
Shift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXShift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINX
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corp
 
Successfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINXSuccessfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINX
 
Get the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXGet the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINX
 
Web Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesWeb Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery Pipelines
 
F5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application DelieveryF5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application Delievery
 
Infrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale OrganizationsInfrastructure as Code in Large Scale Organizations
Infrastructure as Code in Large Scale Organizations
 
Secured APIM-as-a-Service
Secured APIM-as-a-ServiceSecured APIM-as-a-Service
Secured APIM-as-a-Service
 
From Code to Customer with F5 and NGNX London Nov 19
From Code to Customer with F5 and NGNX London Nov 19From Code to Customer with F5 and NGNX London Nov 19
From Code to Customer with F5 and NGNX London Nov 19
 
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
 
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
 
Testing 12-Factor Apps
Testing 12-Factor AppsTesting 12-Factor Apps
Testing 12-Factor Apps
 
Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)Ibm business partner connect 2015 long fong yee v1 (read-only)
Ibm business partner connect 2015 long fong yee v1 (read-only)
 
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
 

Plus de NGINX, Inc.

【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法NGINX, Inc.
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナーNGINX, Inc.
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法NGINX, Inc.
 
Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3NGINX, Inc.
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & KubecostManaging Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & KubecostNGINX, Inc.
 
Manage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with ObservabilityManage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with ObservabilityNGINX, Inc.
 
Accelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with AutomationAccelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with AutomationNGINX, Inc.
 
Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101NGINX, Inc.
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices ArchitecturesUnit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices ArchitecturesNGINX, Inc.
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!NGINX, Inc.
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!NGINX, Inc.
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINXKeep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINXNGINX, Inc.
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...NGINX, Inc.
 
Protecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINXProtecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINXNGINX, Inc.
 
NGINX Kubernetes API
NGINX Kubernetes APINGINX Kubernetes API
NGINX Kubernetes APINGINX, Inc.
 
Installing and Configuring NGINX Open Source
Installing and Configuring NGINX Open SourceInstalling and Configuring NGINX Open Source
Installing and Configuring NGINX Open SourceNGINX, Inc.
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxHow to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxNGINX, Inc.
 
Kubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティKubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティNGINX, Inc.
 
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...NGINX, Inc.
 
Open Sourcing NGINX Agent and Demo
Open Sourcing NGINX Agent and DemoOpen Sourcing NGINX Agent and Demo
Open Sourcing NGINX Agent and DemoNGINX, Inc.
 

Plus de NGINX, Inc. (20)

【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
 
Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & KubecostManaging Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & Kubecost
 
Manage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with ObservabilityManage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with Observability
 
Accelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with AutomationAccelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with Automation
 
Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices ArchitecturesUnit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINXKeep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
 
Protecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINXProtecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINX
 
NGINX Kubernetes API
NGINX Kubernetes APINGINX Kubernetes API
NGINX Kubernetes API
 
Installing and Configuring NGINX Open Source
Installing and Configuring NGINX Open SourceInstalling and Configuring NGINX Open Source
Installing and Configuring NGINX Open Source
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxHow to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
 
Kubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティKubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティ
 
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
 
Open Sourcing NGINX Agent and Demo
Open Sourcing NGINX Agent and DemoOpen Sourcing NGINX Agent and Demo
Open Sourcing NGINX Agent and Demo
 

Dernier

CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 

Dernier (20)

CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 

Application Security with NGINX | APAC

  • 1. NGINX App Sec August 2020 Chris Witeck – Director of Product Management Rajiv Kapoor – Sr Product Marketing Manager Daniel Edgar – Sr Technical Product Manager
  • 2. | ©2020 F52 SECURING CRITICAL BUSINESS APPLICATIONS WITH NGINX Agenda Challenges with Securing Modern Apps NGINX Portfolio Overview NGINX Plus Application Security NGINX App Protect Demo NGINX Controller Application Security NGINX Offer Summary
  • 3. | ©2020 F53 Challenges With Securing Modern Apps
  • 4. | ©2020 F54 DevOps view of SecOpsSecOps view of DevOps SecOps
  • 5. | ©2020 F55 Application DevelopmentThe Market • Proliferation of architectures • The same vulnerabilities (e.g. injection, cross-site scripting) continue to exist after 20 years of application security best practices • Organizations lack consistent policy to manage the growing complexity and risk of managing/tuning application security • cost of security breaches -- downtime/lost revenue • Application development has transformed to agile while security largely remains a manual effort • Developers and DevOps outnumber security professionals by as much as 100:1 • Time to market pressure, friction between AppDev/DevOps and SecOps, and perception of security as a bottleneck results in poor testing, process, oversight Pain points
  • 6. | ©2020 F56 DevOpsSecOps AppDev • Understaffed and struggle to keep up with rapidly changing threats • Business leaders consider Compliance Vs Security the goal • Inconsistent security policies spanning multiple architectures, clouds and tool sprawl creates risk • Security slows down the application lifecycle and is perceived as a bottleneck • CI/CD pipelines that automate app development/deployment lack security • Business imperatives and incentives such as time to market compel DevOps to bypass SecOps. DevOps KPIs do not include security-related metrics • Developer training on security is lacking • Developers are focused on modern app development and are not able to stay abreast of the security landscape • Cloud and open-source software introduce unknown risks to the business Pain points
  • 7. | ©2020 F57 DEVOPS / APPLICATIONS NETOPS / OPERATIONS Application Business Logic End User Most applications require numerous application services between the code and the customer APPLICATION DELIVERY ExamplesAPI gateway Ingress controller App / web server Load balancer
  • 8. | ©2020 F58 DEVOPS / APPLICATIONS NETOPS / OPERATIONS What challenges emerge when security enters the picture? DEVSECOPS Application business logic End-user APPLICATION SECURITY APPLICATION DELIVERY
  • 9. | ©2020 F59 Application business logic End-user The Modern Application Security Challenge: Operational silos, complexity, and ultimately friction API gateway Web app firewall Ingress controller App / web server Denial of service Anti-fraud & anti-bot Load balancer Secure access Traditional 3-Tier Microservices App architectures & infrastructure environments APPLICATION SECURITY Examples APPLICATION DELIVERY Examples DEVOPS / APPLICATIONS DEVSECOPS NETOPS / OPERATIONS
  • 10. | ©2020 F510 App services must include both app delivery and app security, which reinforce each other through visibility and controls APPLICATION SECURITY APPLICATION DELIVERY Visibility Controls Application Business Logic End User DEVOPS / APPLICATIONS NETOPS / OPERATIONS DEVSECOPS Visibility across app services More easily embed security along the data path Apply policies and controls consistently
  • 11. | ©2020 F511 Layered on top should include a mature control plane to orchestrate & automate app services APPLICATION SECURITY APPLICATION DELIVERY Application Business Logic End User APPLICATION INSIGHTS, AUTOMATION & ORCHESTRATION Simplify operational complexity Provide business insights and value Secure modern applications
  • 12. | ©2020 F512 NGINX Application Security
  • 13. | ©2020 F513 Addressing application security challenges Embed Security Policy Your Pipeline Secure Modern Apps Improve App Performance “Docker instances that have an unprotected port are used to instantiate a container running Ubuntu Linux, install a download utility, and then execute a 600-line program written in the Go programming language. The script attempts to turn off security, stop any competing cryptominers, and download the malicious cryptominer known as "Kinsing." – Dark Reading, April 2020 “many security and compliance monitoring tools have not kept up with this pace of change, as they simply weren’t built to test code at the speed DevOps requires. This has only solidified the view that security is the biggest block to rapid application development…” – What is DevSecOps? CSO Online Jan 2018 “Tools that don’t integrate into the Software Development Lifecycle disrupt DevSecOps initiatives and development processes, rather than supporting them.” – The challenges of shifting to DevSecOps- ITProPortal, Sept 2018
  • 14. | ©2020 F514 Addressing application security challenges Embed Security Policy Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Improve App Performance The high performance WAF drives down operational costs and improve user the user experience without compromising security. security policies and protection optimized for DevOps workflow secure apps for any environment with consistency and centralized visibility security services and tools adaptable per app & technology NGINX Investments “Focus on Guardrails vs Gates” “Build Once, Run Anywhere” “Adaptive & Scalable App Services"
  • 15. | ©2020 F515 NGINX Portfolio
  • 17. Platform control planes Legacy NGINX Controller ● F5 BIG-IQ ● Third-party ecosystems ● Build Your Own Eliminate tool sprawl | Lightweight and highly portable | Abstract underlying infrastructure NGINX Plus NGINX App Protect
  • 18. Strong App Security Built for Modern App Architectures CI/CD Friendly NGINX App Protect
  • 19. | ©2020 F520 NGINX App Protect Deployment Options Edge Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Multiple locations to deploy Application Services: 1. Edge: External load balancers and proxies 2. Ingress Controller: Entry-point into Kubernetes 3. Per-Service Proxy: Interior service proxy tier 4. Per-Pod Proxy: Proxy embedded in pod 1 23 4
  • 20. | ©2020 F521 NGINX App Protect Demo
  • 21. | ©2020 F522 NGINX Controller Application Security
  • 22. | ©2020 F5 NETWORKS23 CONFIDENTIAL NGINX Controller Innovations Seamless NGINX Plus Management App-Centric User Interface Visibility & Reporting Modular, Cross- Team Workflows APP Fastest, most lightweight and deployable across more platforms anyone Configuration and visibility aligned to how teams develop applications Detailed visibility into NGINX Plus deployment, and app centric analytics Consolidates team workflows and use cases Automation- Driven Configuration API Automates services deployment across pipelines reducing overhead & complexity
  • 23. | ©2020 F5 NETWORKS24 Respond with Intelligent Insights Simplify Code to Customer Delivery Empower with Self- Service NGINX Controller Future Add-On
  • 24. | ©2020 F5 NETWORKS25 SUMMER BETA, FALL COMMERCIAL AVAILABILITY NGINX Controller App Security
  • 25. NGINX Controller App Sec Module (Summer/Fall 2020) AppSec Offer Summary NGINX App Protect for NGINX Plus (available now) ModSecurity for NGINX Plus (available now) ModSecurity OSS (available now) à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
  • 26. NGINX App Protect 1. Request a free trial of NGINX App Protect: https://www.nginx.com/free-trial-request/ 2. Learn more : https://www.nginx.com/products/nginx- app-protect/ NGINX Controller 1. Request a free trial of NGINX Controller: https://www.nginx.com/free-trial-request-nginx- controller/ 2. Learn more: https://www.nginx.com/products/nginx- Want to Learn More?
  • 27. | ©2018 F5 NETWORKS28