
Secure by design: Scaling security across the enterprise


By 2020, Gartner predicts 60% of digital businesses will suffer major service failures due to the inability of the IT security team to manage digital risk in new technology and use cases. As security failures quickly become headline news, CIOs and CISOs are under tremendous pressure to keep the business secure -- without slowing the business down. That's why incorporating security by design into applications and services is so crucial for the enterprise. In this session, we will discuss how application networks are helping organizations federate security best practices, leverage machine learning to respond to threats more proactively, and deliver defense in depth.

Published in: Software


  1. Scaling security across the enterprise: Secure by design. As of April 20th, 2017 and subject to change at MuleSoft's exclusive discretion.
  2. What is Security by Design? All contents © MuleSoft Inc.
  3. What is it really?
     • Bake security into your design
     • Follow a standard set of principles
     • Think in Layers
     • Make it part of your culture
  4. Is there an issue?
     • OWASP Top 10 Update for 2017
  5. Security Goals
     • Digitization of Business Capabilities
     • Multiple digital channels
     • Confidentiality
     • Integrity
     • Availability
  6. Security Design Principles
     • Targeted
     • Minimalized
     • Locked
     • Multi-keyed
     • Elastic
     • Reliable
     • Standardized
  7. Targeted: Profile your APIs
     • Public APIs
     • Semi-public APIs
     • Private APIs
  8. Minimalized: Be stingy with capabilities
     • Domain-driven Design
     • Business Entities
     • Single responsibility principle
  9. Locked: Authenticate and Authorize every call
     • Token based Access Control
     • TLS
     • Tokenization
  10. Multi-keyed: Use OpenID Connect and OAuth 2.0
     • Implicit
     • Authorization Code
     • Authorization Code
     • Client Credentials
  11. Multi-keyed: Use TLS, Mutual TLS, SAML, and JWT
  12. Elastic: Use Containerization & Container Scheduling
     • Each Microservice has distinct scalability requirements
     • Container scheduling makes scaling easy
     • PaaS frameworks schedule containers based on traffic
  13. Reliable: Use Domain Events
     • My Shopping Microservice
     • Order Fulfillment Microservice
     • Credit Card Microservice
     • Inventory Microservice
  14. Reliable: Use Circuit Breaker Pattern
     • My Shopping Microservice
     • Customer Profile Microservice
     • Loyalty Microservice
     • Order History Microservice
     • Order History Microservice
  15. Standardized: Choose the best Technologies
  16. Speed. Agility. API Security. Innovation. An application network:
     • Emerges bottoms-up via self-service
     • Provides visibility, security and governability at every API node
     • Is recomposable: it bends, not breaks – built for change
  17. Thank you!
