SlideShare a Scribd company logo

Anypoint platform security components

Download as ODP, PDF
D.Rajesh Kumar
D.Rajesh Kumar

The document discusses security components in the Anypoint platform, including Anypoint Enterprise Security, API Security Manager, and Virtual Private Cloud (VPC). Anypoint Enterprise Security provides security features like message encryption and digital signatures. API Security Manager enables authentication through methods such as usernames/passwords and multi-factor authentication. The Virtual Private Cloud allows users to create a private, isolated network in the cloud to host applications and workers with configurable firewall and VPN connectivity.

1 of 10
Anypoint platform security components -RajeshKumar 1
Anypoint platform security components 2 • Anypoint Enterprise Security • API Security Manager • Virtual Private Cloud (VPC)
Taking security 3 • MuleSoft’s approach to cloud security is two-folded – MuleSoft actively and consciously avoids inspecting, storing, manipulating, monitoring, or otherwise directly interacting with sensitive customer data – MuleSoft provides a highly secure environment in which customers can perform sensitive data manipulations • A dedicated security team follows industry best practices, runs internal security audits and maintains policies that span operations, data security, passwords and credentials, and secure connectivity
Identity authentication mechanisms 4 • User authentication – Username and password credentials – Multi-factor authentication – Token-based credentials • API and server authentication – Public/private key cryptography • User authorization – Role based access control (RBAC) – Attribute based access control (ABAC) – OAuth (2.0) delegated access control • Federated identity management – Single Sign-on
Message integrity 5 • Message verifier – Message received by your API is verified as being the same as sent by the client • Digital signatures – Client produces a signature by using an algorithm and a secret code – API applies the same algorithm and code to produce its own signature and compare it against the incoming signature • Message safety – Protection against potentially harmful data in the request – Attacks often come through large XML documents with multiple levels of nested elements
Security recommendations 6 • Use “Least Privilege Access” principle • Perform periodic penetration testing • Perform periodic external reviews • Configure Logging and Alerting • Configure secure properties – Optionally consider (centralized) properties management • Credentials management • Tight control on who has administrative access • Use encrypted/secured communications – Both inside and outside the application’s scope
Anypoint Enterprise Security 7 • Collection of security features that enforce secure access to information in Mule applications • Provides various methods for applying security to Mule applications • Requires an Enterprise license • Add-on module that needs to be installed in Anypoint Studio • Consists of 6 modules • Suitable for both on-premise and cloudhub applications
Enterprise Security modules 8 • Mule Filter Processor – Compares messages with filter criteria before processing – Filter by IP/timestamp features are available • Mule Credentials Vault – Encrypts the property file – Flow can access the data from property files • Mule Message Encryption Processor – Encrypt or Decrypt part of messages or entire payload – JCE Encrypter, XML Encrypter, PGP Encrypter
Enterprise Security modules 9 • Mule Secure Token Service (STS) OAuth 2.0a Provider – Security for REST service provider/consumer • Mule Digital Signature Processor – Ensure the integrity and authenticity of the message source • Mule CRC32 processor – Cyclic redundancy check (CRC) to messages to ensure message integrity
Virtual Private Cloud (VPC) 10 • The Virtual Private Cloud (VPC) offering allows you to virtually create a private and isolated network in the cloud to host workers • Choose to use this isolated network as it best suites your needs – Host your applications in a VPC and take advantage of its load balancer – Configure your own firewall rules for your VPC – Connect your VPC to your corporate intranet whether on-premises or in other clouds via a VPN connection as if they were all part of a single, private network – Set a private DNS server so the workers hosted in a VPC communicate with your internal network using your private host names

Recommended

Anypoint platform security components
Anypoint platform security componentsAnypoint platform security components
Anypoint platform security components
D.Rajesh Kumar
 
Mule security
Mule securityMule security
Mule security
D.Rajesh Kumar
 
Mule esb mmc
Mule esb mmcMule esb mmc
Mule esb mmc
D.Rajesh Kumar
 
Mule management console
Mule management consoleMule management console
Mule management console
Shanky Gupta
 
Oracle vs-mulesoft-api-manager-features
Oracle vs-mulesoft-api-manager-featuresOracle vs-mulesoft-api-manager-features
Oracle vs-mulesoft-api-manager-features
Prabhat gangwar
 
Mule saas
Mule saasMule saas
Mule saas
charan teja R
 
Cloud hub in mule esb
Cloud hub in mule esbCloud hub in mule esb
Cloud hub in mule esb
D.Rajesh Kumar
 
Mule enterprise security
Mule enterprise securityMule enterprise security
Mule enterprise security
keshav Naidu
 

Recommended

Anypoint platform security components
Anypoint platform security componentsAnypoint platform security components
Anypoint platform security components
D.Rajesh Kumar
 
Mule security
Mule securityMule security
Mule security
D.Rajesh Kumar
 
Mule esb mmc
Mule esb mmcMule esb mmc
Mule esb mmc
D.Rajesh Kumar
 
Mule management console
Mule management consoleMule management console
Mule management console
Shanky Gupta
 
Oracle vs-mulesoft-api-manager-features
Oracle vs-mulesoft-api-manager-featuresOracle vs-mulesoft-api-manager-features
Oracle vs-mulesoft-api-manager-features
Prabhat gangwar
 
Mule saas
Mule saasMule saas
Mule saas
charan teja R
 
Cloud hub in mule esb
Cloud hub in mule esbCloud hub in mule esb
Cloud hub in mule esb
D.Rajesh Kumar
 
Mule enterprise security
Mule enterprise securityMule enterprise security
Mule enterprise security
keshav Naidu
 
Mule soft Basics
Mule soft BasicsMule soft Basics
Mule soft Basics
Arun Yaligar
 
Anypoint data gateway
Anypoint data gatewayAnypoint data gateway
Anypoint data gateway
Mohammed246
 
Mule cloudhub
Mule cloudhubMule cloudhub
Mule cloudhub
D.Rajesh Kumar
 
Mule security
Mule securityMule security
Mule security
D.Rajesh Kumar
 
Mule esb-connectors
Mule esb-connectorsMule esb-connectors
Mule esb-connectors
himajareddys
 
Anypoint platform release highlights
Anypoint platform release highlightsAnypoint platform release highlights
Anypoint platform release highlights
D.Rajesh Kumar
 
Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft ppt
kishore ippili
 
Apply Rate Limiting Policy
Apply Rate Limiting Policy Apply Rate Limiting Policy
Apply Rate Limiting Policy
Vince Soliza
 
Mule security
Mule securityMule security
Mule security
charan teja R
 
MULE-JAAS
MULE-JAASMULE-JAAS
MULE-JAAS
D.Rajesh Kumar
 
Mule mule agent
Mule mule agentMule mule agent
Mule mule agent
D.Rajesh Kumar
 
Integrating microservices in the cloud
Integrating microservices in the cloudIntegrating microservices in the cloud
Integrating microservices in the cloud
Jason Bloomberg
 
Mule Microsoft Share Point 2013 Connector
Mule Microsoft Share Point 2013 ConnectorMule Microsoft Share Point 2013 Connector
Mule Microsoft Share Point 2013 Connector
Ankush Sharma
 
Mule mule management console
Mule mule management consoleMule mule management console
Mule mule management console
D.Rajesh Kumar
 
Microservice-based Architecture on the Salesforce App Cloud
Microservice-based Architecture on the Salesforce App CloudMicroservice-based Architecture on the Salesforce App Cloud
Microservice-based Architecture on the Salesforce App Cloud
pbattisson
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
Sindhu VL
 
Mule anypoint enterprise security
Mule anypoint enterprise securityMule anypoint enterprise security
Mule anypoint enterprise security
D.Rajesh Kumar
 
Anypoint enterprise security overview
Anypoint enterprise security overviewAnypoint enterprise security overview
Anypoint enterprise security overview
danishsm84
 
Kaseya Corporate Update and Roadmap Q1 2014
Kaseya Corporate Update and Roadmap Q1 2014Kaseya Corporate Update and Roadmap Q1 2014
Kaseya Corporate Update and Roadmap Q1 2014
Kaseya
 
Mule esb api layer
Mule esb api layerMule esb api layer
Mule esb api layer
Praneethchampion
 
Mule esb transaction mgmt
Mule esb transaction mgmtMule esb transaction mgmt
Mule esb transaction mgmt
D.Rajesh Kumar
 
Mule message
Mule messageMule message
Mule message
Marta Bryla
 

More Related Content

What's hot

Mule soft Basics
Mule soft BasicsMule soft Basics
Mule soft Basics
Arun Yaligar
 
Anypoint data gateway
Anypoint data gatewayAnypoint data gateway
Anypoint data gateway
Mohammed246
 
Mule cloudhub
Mule cloudhubMule cloudhub
Mule cloudhub
D.Rajesh Kumar
 
Mule security
Mule securityMule security
Mule security
D.Rajesh Kumar
 
Mule esb-connectors
Mule esb-connectorsMule esb-connectors
Mule esb-connectors
himajareddys
 
Anypoint platform release highlights
Anypoint platform release highlightsAnypoint platform release highlights
Anypoint platform release highlights
D.Rajesh Kumar
 
Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft ppt
kishore ippili
 
Apply Rate Limiting Policy
Apply Rate Limiting Policy Apply Rate Limiting Policy
Apply Rate Limiting Policy
Vince Soliza
 
Mule security
Mule securityMule security
Mule security
charan teja R
 
MULE-JAAS
MULE-JAASMULE-JAAS
MULE-JAAS
D.Rajesh Kumar
 
Mule mule agent
Mule mule agentMule mule agent
Mule mule agent
D.Rajesh Kumar
 
Integrating microservices in the cloud
Integrating microservices in the cloudIntegrating microservices in the cloud
Integrating microservices in the cloud
Jason Bloomberg
 
Mule Microsoft Share Point 2013 Connector
Mule Microsoft Share Point 2013 ConnectorMule Microsoft Share Point 2013 Connector
Mule Microsoft Share Point 2013 Connector
Ankush Sharma
 
Mule mule management console
Mule mule management consoleMule mule management console
Mule mule management console
D.Rajesh Kumar
 
Microservice-based Architecture on the Salesforce App Cloud
Microservice-based Architecture on the Salesforce App CloudMicroservice-based Architecture on the Salesforce App Cloud
Microservice-based Architecture on the Salesforce App Cloud
pbattisson
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
Sindhu VL
 
Mule anypoint enterprise security
Mule anypoint enterprise securityMule anypoint enterprise security
Mule anypoint enterprise security
D.Rajesh Kumar
 
Anypoint enterprise security overview
Anypoint enterprise security overviewAnypoint enterprise security overview
Anypoint enterprise security overview
danishsm84
 
Kaseya Corporate Update and Roadmap Q1 2014
Kaseya Corporate Update and Roadmap Q1 2014Kaseya Corporate Update and Roadmap Q1 2014
Kaseya Corporate Update and Roadmap Q1 2014
Kaseya
 
Mule esb api layer
Mule esb api layerMule esb api layer
Mule esb api layer
Praneethchampion
 

What's hot (20)

Mule soft Basics
Mule soft BasicsMule soft Basics
Mule soft Basics
 
Anypoint data gateway
Anypoint data gatewayAnypoint data gateway
Anypoint data gateway
 
Mule cloudhub
Mule cloudhubMule cloudhub
Mule cloudhub
 
Mule security
Mule securityMule security
Mule security
 
Mule esb-connectors
Mule esb-connectorsMule esb-connectors
Mule esb-connectors
 
Anypoint platform release highlights
Anypoint platform release highlightsAnypoint platform release highlights
Anypoint platform release highlights
 
Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft ppt
 
Apply Rate Limiting Policy
Apply Rate Limiting Policy Apply Rate Limiting Policy
Apply Rate Limiting Policy
 
Mule security
Mule securityMule security
Mule security
 
MULE-JAAS
MULE-JAASMULE-JAAS
MULE-JAAS
 
Mule mule agent
Mule mule agentMule mule agent
Mule mule agent
 
Integrating microservices in the cloud
Integrating microservices in the cloudIntegrating microservices in the cloud
Integrating microservices in the cloud
 
Mule Microsoft Share Point 2013 Connector
Mule Microsoft Share Point 2013 ConnectorMule Microsoft Share Point 2013 Connector
Mule Microsoft Share Point 2013 Connector
 
Mule mule management console
Mule mule management consoleMule mule management console
Mule mule management console
 
Microservice-based Architecture on the Salesforce App Cloud
Microservice-based Architecture on the Salesforce App CloudMicroservice-based Architecture on the Salesforce App Cloud
Microservice-based Architecture on the Salesforce App Cloud
 
Flows in mule
Flows in muleFlows in mule
Flows in mule
 
Mule anypoint enterprise security
Mule anypoint enterprise securityMule anypoint enterprise security
Mule anypoint enterprise security
 
Anypoint enterprise security overview
Anypoint enterprise security overviewAnypoint enterprise security overview
Anypoint enterprise security overview
 
Kaseya Corporate Update and Roadmap Q1 2014
Kaseya Corporate Update and Roadmap Q1 2014Kaseya Corporate Update and Roadmap Q1 2014
Kaseya Corporate Update and Roadmap Q1 2014
 
Mule esb api layer
Mule esb api layerMule esb api layer
Mule esb api layer
 

Viewers also liked

Mule esb transaction mgmt
Mule esb transaction mgmtMule esb transaction mgmt
Mule esb transaction mgmt
D.Rajesh Kumar
 
Mule message
Mule messageMule message
Mule message
Marta Bryla
 
Web services
Web servicesWeb services
Web services
Srilatha Kante
 
Java component
Java componentJava component
Java component
Srilatha Kante
 
Mule esb domain
Mule esb domainMule esb domain
Mule esb domain
D.Rajesh Kumar
 
Mule Cloud Connectors-Save and Load OAuth
Mule Cloud Connectors-Save and Load OAuthMule Cloud Connectors-Save and Load OAuth
Mule Cloud Connectors-Save and Load OAuth
Sara Peralta
 
Mule advanced
Mule advancedMule advanced
Mule advanced
D.Rajesh Kumar
 
Mule management console Architecture
Mule management console ArchitectureMule management console Architecture
Mule management console Architecture
Shanky Gupta
 
Mule message structure and varibles scopes
Mule message structure and varibles scopesMule message structure and varibles scopes
Mule message structure and varibles scopes
Ramakrishna kapa
 
Connection management
Connection managementConnection management
Connection management
Srilatha Kante
 
Logger
LoggerLogger
Logger
Srilatha Kante
 
Mule message structure
Mule message structureMule message structure
Mule message structure
Srilatha Kante
 
Mule exception handlingstrategies
Mule exception handlingstrategiesMule exception handlingstrategies
Mule exception handlingstrategies
D.Rajesh Kumar
 
Invoke component
Invoke componentInvoke component
Invoke component
Srilatha Kante
 
Mule message structure
Mule message structureMule message structure
Mule message structure
Shanky Gupta
 
Connection management
Connection managementConnection management
Connection management
Srilatha Kante
 
Mule esb integration patterns
Mule esb integration patternsMule esb integration patterns
Mule esb integration patterns
D.Rajesh Kumar
 

Viewers also liked (20)

Mule esb transaction mgmt
Mule esb transaction mgmtMule esb transaction mgmt
Mule esb transaction mgmt
 
Mule message
Mule messageMule message
Mule message
 
Web services
Web servicesWeb services
Web services
 
Java-JSON-Jackson
Java-JSON-JacksonJava-JSON-Jackson
Java-JSON-Jackson
 
Java component
Java componentJava component
Java component
 
Mule_Portal
Mule_PortalMule_Portal
Mule_Portal
 
Mule esb domain
Mule esb domainMule esb domain
Mule esb domain
 
Mule Cloud Connectors-Save and Load OAuth
Mule Cloud Connectors-Save and Load OAuthMule Cloud Connectors-Save and Load OAuth
Mule Cloud Connectors-Save and Load OAuth
 
Mule advanced
Mule advancedMule advanced
Mule advanced
 
Mule management console Architecture
Mule management console ArchitectureMule management console Architecture
Mule management console Architecture
 
MMC
MMCMMC
MMC
 
Mule message structure and varibles scopes
Mule message structure and varibles scopesMule message structure and varibles scopes
Mule message structure and varibles scopes
 
Connection management
Connection managementConnection management
Connection management
 
Logger
LoggerLogger
Logger
 
Mule message structure
Mule message structureMule message structure
Mule message structure
 
Mule exception handlingstrategies
Mule exception handlingstrategiesMule exception handlingstrategies
Mule exception handlingstrategies
 
Invoke component
Invoke componentInvoke component
Invoke component
 
Mule message structure
Mule message structureMule message structure
Mule message structure
 
Connection management
Connection managementConnection management
Connection management
 
Mule esb integration patterns
Mule esb integration patternsMule esb integration patterns
Mule esb integration patterns
 

Similar to Anypoint platform security components

AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAmazon Web Services
 
Chapter08
Chapter08Chapter08
Chapter08
Muhammad Ahad
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Eurotech
 
Anypoint enterprise security
Anypoint enterprise securityAnypoint enterprise security
Anypoint enterprise securityKrishna_in
 
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
Micro Focus
 
Security Considerations for Microservices and Multi cloud
Security Considerations for Microservices and Multi cloudSecurity Considerations for Microservices and Multi cloud
Security Considerations for Microservices and Multi cloud
Neelkamal Gaharwar
 
Client Server Network Security
Client Server Network SecurityClient Server Network Security
Client Server Network Security
MithilDoshi1
 
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Codit
 
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key VaultITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
Tom Kerkhove
 
Jenkins Terraform Vault
Jenkins Terraform VaultJenkins Terraform Vault
Jenkins Terraform Vault
Shrivatsa Upadhye
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hackingDesmond Devendran
 
Security components in mule esb
Security components in mule esbSecurity components in mule esb
Security components in mule esb
himajareddys
 
Unit 5
Unit 5Unit 5
Unit 5
DhanalakshmiVelusamy1
 
Hybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptxHybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptx
HansFarroCastillo1
 
Securing ap is oauth and fine grained access control
Securing ap is oauth and fine grained access controlSecuring ap is oauth and fine grained access control
Securing ap is oauth and fine grained access control
AaronLieberman5
 
AWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAmazon Web Services
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
Flaskdata.io
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Inductive Automation
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Inductive Automation
 
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
EC-Council
 

Similar to Anypoint platform security components (20)

AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
 
Chapter08
Chapter08Chapter08
Chapter08
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
 
Anypoint enterprise security
Anypoint enterprise securityAnypoint enterprise security
Anypoint enterprise security
 
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
 
Security Considerations for Microservices and Multi cloud
Security Considerations for Microservices and Multi cloudSecurity Considerations for Microservices and Multi cloud
Security Considerations for Microservices and Multi cloud
 
Client Server Network Security
Client Server Network SecurityClient Server Network Security
Client Server Network Security
 
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
 
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key VaultITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
 
Jenkins Terraform Vault
Jenkins Terraform VaultJenkins Terraform Vault
Jenkins Terraform Vault
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hacking
 
Security components in mule esb
Security components in mule esbSecurity components in mule esb
Security components in mule esb
 
Unit 5
Unit 5Unit 5
Unit 5
 
Hybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptxHybrid - Seguridad en Contenedores v3.pptx
Hybrid - Seguridad en Contenedores v3.pptx
 
Securing ap is oauth and fine grained access control
Securing ap is oauth and fine grained access controlSecuring ap is oauth and fine grained access control
Securing ap is oauth and fine grained access control
 
AWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security Keynote
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
 
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...Defending Applications In the Cloud: Architecting Layered Security Solutions ...
Defending Applications In the Cloud: Architecting Layered Security Solutions ...
 

More from D.Rajesh Kumar

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0
D.Rajesh Kumar
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)
D.Rajesh Kumar
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020
D.Rajesh Kumar
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10
D.Rajesh Kumar
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdated
D.Rajesh Kumar
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019
D.Rajesh Kumar
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019
D.Rajesh Kumar
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangalore
D.Rajesh Kumar
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_Rajesh
D.Rajesh Kumar
 
Calico and container
Calico and containerCalico and container
Calico and container
D.Rajesh Kumar
 
Calico docker+ipam
Calico docker+ipamCalico docker+ipam
Calico docker+ipam
D.Rajesh Kumar
 
Calico architecture
Calico architectureCalico architecture
Calico architecture
D.Rajesh Kumar
 
Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfaces
D.Rajesh Kumar
 
Calico and how interprets neutron api
Calico and how interprets neutron apiCalico and how interprets neutron api
Calico and how interprets neutron api
D.Rajesh Kumar
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chef
D.Rajesh Kumar
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stack
D.Rajesh Kumar
 
Calico with docker
Calico with dockerCalico with docker
Calico with docker
D.Rajesh Kumar
 
Object Store in Mule
Object Store in MuleObject Store in Mule
Object Store in Mule
D.Rajesh Kumar
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULE
D.Rajesh Kumar
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration Solution
D.Rajesh Kumar
 

More from D.Rajesh Kumar (20)

Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0Mule soft meetup_-_finland_september_25th__2020 v2.0
Mule soft meetup_-_finland_september_25th__2020 v2.0
 
Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)Meetup bangalore-sept5th 2020 (1)
Meetup bangalore-sept5th 2020 (1)
 
Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020Mule soft meetup_-_finland_july_11th__2020
Mule soft meetup_-_finland_july_11th__2020
 
Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10Bangalore mulesoft meetup#10
Bangalore mulesoft meetup#10
 
Meetup bangalore 9_novupdated
Meetup bangalore 9_novupdatedMeetup bangalore 9_novupdated
Meetup bangalore 9_novupdated
 
Meetup bangalore aug31st2019
Meetup bangalore aug31st2019Meetup bangalore aug31st2019
Meetup bangalore aug31st2019
 
Meetup bangalore june29th2019
Meetup bangalore june29th2019Meetup bangalore june29th2019
Meetup bangalore june29th2019
 
mulesoft meetup @ bangalore
mulesoft meetup @ bangaloremulesoft meetup @ bangalore
mulesoft meetup @ bangalore
 
Meetup_Bangalore_Rajesh
Meetup_Bangalore_RajeshMeetup_Bangalore_Rajesh
Meetup_Bangalore_Rajesh
 
Calico and container
Calico and containerCalico and container
Calico and container
 
Calico docker+ipam
Calico docker+ipamCalico docker+ipam
Calico docker+ipam
 
Calico architecture
Calico architectureCalico architecture
Calico architecture
 
Calico to secure host interfaces
Calico to secure host interfacesCalico to secure host interfaces
Calico to secure host interfaces
 
Calico and how interprets neutron api
Calico and how interprets neutron apiCalico and how interprets neutron api
Calico and how interprets neutron api
 
Calico with open stack and chef
Calico with open stack and chefCalico with open stack and chef
Calico with open stack and chef
 
Calico with open stack
Calico with open stackCalico with open stack
Calico with open stack
 
Calico with docker
Calico with dockerCalico with docker
Calico with docker
 
Object Store in Mule
Object Store in MuleObject Store in Mule
Object Store in Mule
 
Slack connector with in MULE
Slack connector with in MULESlack connector with in MULE
Slack connector with in MULE
 
MuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration SolutionMuleSoft Offers a Data Migration Solution
MuleSoft Offers a Data Migration Solution
 

Recently uploaded

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 

Recently uploaded (20)

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 

Anypoint platform security components

  • 1. Anypoint platform security components -RajeshKumar 1
  • 2. Anypoint platform security components 2 • Anypoint Enterprise Security • API Security Manager • Virtual Private Cloud (VPC)
  • 3. Taking security 3 • MuleSoft’s approach to cloud security is two-folded – MuleSoft actively and consciously avoids inspecting, storing, manipulating, monitoring, or otherwise directly interacting with sensitive customer data – MuleSoft provides a highly secure environment in which customers can perform sensitive data manipulations • A dedicated security team follows industry best practices, runs internal security audits and maintains policies that span operations, data security, passwords and credentials, and secure connectivity
  • 4. Identity authentication mechanisms 4 • User authentication – Username and password credentials – Multi-factor authentication – Token-based credentials • API and server authentication – Public/private key cryptography • User authorization – Role based access control (RBAC) – Attribute based access control (ABAC) – OAuth (2.0) delegated access control • Federated identity management – Single Sign-on
  • 5. Message integrity 5 • Message verifier – Message received by your API is verified as being the same as sent by the client • Digital signatures – Client produces a signature by using an algorithm and a secret code – API applies the same algorithm and code to produce its own signature and compare it against the incoming signature • Message safety – Protection against potentially harmful data in the request – Attacks often come through large XML documents with multiple levels of nested elements
  • 6. Security recommendations 6 • Use “Least Privilege Access” principle • Perform periodic penetration testing • Perform periodic external reviews • Configure Logging and Alerting • Configure secure properties – Optionally consider (centralized) properties management • Credentials management • Tight control on who has administrative access • Use encrypted/secured communications – Both inside and outside the application’s scope
  • 7. Anypoint Enterprise Security 7 • Collection of security features that enforce secure access to information in Mule applications • Provides various methods for applying security to Mule applications • Requires an Enterprise license • Add-on module that needs to be installed in Anypoint Studio • Consists of 6 modules • Suitable for both on-premise and cloudhub applications
  • 8. Enterprise Security modules 8 • Mule Filter Processor – Compares messages with filter criteria before processing – Filter by IP/timestamp features are available • Mule Credentials Vault – Encrypts the property file – Flow can access the data from property files • Mule Message Encryption Processor – Encrypt or Decrypt part of messages or entire payload – JCE Encrypter, XML Encrypter, PGP Encrypter
  • 9. Enterprise Security modules 9 • Mule Secure Token Service (STS) OAuth 2.0a Provider – Security for REST service provider/consumer • Mule Digital Signature Processor – Ensure the integrity and authenticity of the message source • Mule CRC32 processor – Cyclic redundancy check (CRC) to messages to ensure message integrity
  • 10. Virtual Private Cloud (VPC) 10 • The Virtual Private Cloud (VPC) offering allows you to virtually create a private and isolated network in the cloud to host workers • Choose to use this isolated network as it best suites your needs – Host your applications in a VPC and take advantage of its load balancer – Configure your own firewall rules for your VPC – Connect your VPC to your corporate intranet whether on-premises or in other clouds via a VPN connection as if they were all part of a single, private network – Set a private DNS server so the workers hosted in a VPC communicate with your internal network using your private host names