NI
Uploaded byNGINX, Inc.
PDF, PPTX563 views

Application Security with NGINX

The document addresses the challenges of securing modern applications amid the proliferation of architectures and cloud technologies, highlighting the disconnect between DevOps and security operations. It emphasizes the need for integrating security within the CI/CD pipeline and proposes utilizing NGINX solutions like NGINX Plus and NGINX App Protect to address these security challenges effectively. Key solutions include embedding security policies, enhancing application performance, and providing centralized visibility across application services.

Software
Related topics:
Application Security

Embed presentation

Download as PDF, PPTX
NGINX App Sec August 2020 Chris Witeck – Director of Product Management Rajiv Kapoor – Sr Product Marketing Manager Daniel Edgar – Sr Technical Product Manager
| ©2020 F52 SECURING CRITICAL BUSINESS APPLICATIONS WITH NGINX Agenda Challenges with Securing Modern Apps NGINX Portfolio Overview NGINX Plus Application Security NGINX App Protect Demo NGINX Controller Application Security NGINX Offer Summary
| ©2020 F53 Challenges With Securing Modern Apps
| ©2020 F54 DevOps view of SecOpsSecOps view of DevOps SecOps
| ©2020 F55 Application DevelopmentThe Market • Proliferation of architectures, cloud, and open source software has expanded the risk to applications • The same vulnerabilities (e.g. injection, cross-site scripting) continue to exist after 20 years of application security best practices • Organizations lack consistent policy to manage the growing complexity and risk of managing/tuning application security • cost of security breaches -- downtime/lost revenue • Application development has transformed to agile while security largely remains a manual effort • Developers and DevOps outnumber security professionals by as much as 100:1 • Time to market pressure, friction between AppDev/DevOps and SecOps, and perception of security as a bottleneck results in poor testing, process, oversight Pain points
| ©2020 F56 DevOpsSecOps AppDev • Understaffed and struggle to keep up with rapidly changing threats • Business leaders consider Compliance Vs Security the goal • Inconsistent security policies spanning multiple architectures, clouds and tool sprawl creates risk • Security slows down the application lifecycle and is perceived as a bottleneck • CI/CD pipelines that automate app development/deployment lack security • Business imperatives and incentives such as time to market compel DevOps to bypass SecOps. DevOps KPIs do not include security-related metrics • Developer training on security is lacking • Developers are focused on modern app development and are not able to stay abreast of the security landscape • Cloud and open-source software introduce unknown risks to the business Pain points
| ©2020 F57 DEVOPS / APPLICATIONS NETOPS / OPERATIONS Application Business Logic End User Most applications require numerous application services between the code and the customer APPLICATION DELIVERY ExamplesAPI gateway Ingress controller App / web server Load balancer
| ©2020 F58 DEVOPS / APPLICATIONS NETOPS / OPERATIONS What challenges emerge when security enters the picture? DEVSECOPS Application business logic End-user APPLICATION SECURITY APPLICATION DELIVERY
| ©2020 F59 Application business logic End-user The Modern Application Security Challenge: Operational silos, complexity, and ultimately friction API gateway Web app firewall Ingress controller App / web server Denial of service Anti-fraud & anti-bot Load balancer Secure access Traditional 3-Tier Microservices App architectures & infrastructure environments APPLICATION SECURITY Examples APPLICATION DELIVERY Examples DEVOPS / APPLICATIONS DEVSECOPS NETOPS / OPERATIONS
| ©2020 F510 App services must include both app delivery and app security, which reinforce each other through visibility and controls APPLICATION SECURITY APPLICATION DELIVERY Visibility Controls Application Business Logic End User DEVOPS / APPLICATIONS NETOPS / OPERATIONS DEVSECOPS Visibility across app services More easily embed security along the data path Apply policies and controls consistently
| ©2020 F511 Layered on top should include a mature control plane to orchestrate & automate app services APPLICATION SECURITY APPLICATION DELIVERY Application Business Logic End User APPLICATION INSIGHTS, AUTOMATION & ORCHESTRATION Simplify operational complexity Provide business insights and value Secure modern applications
| ©2020 F512 NGINX Application Security
| ©2020 F513 Addressing application security challenges Embed Security Policy Your Pipeline Secure Modern Apps Improve App Performance “Docker instances that have an unprotected port are used to instantiate a container running Ubuntu Linux, install a download utility, and then execute a 600-line program written in the Go programming language. The script attempts to turn off security, stop any competing cryptominers, and download the malicious cryptominer known as "Kinsing." – Dark Reading, April 2020 “many security and compliance monitoring tools have not kept up with this pace of change, as they simply weren’t built to test code at the speed DevOps requires. This has only solidified the view that security is the biggest block to rapid application development…” – What is DevSecOps? CSO Online Jan 2018 “Tools that don’t integrate into the Software Development Lifecycle disrupt DevSecOps initiatives and development processes, rather than supporting them.” – The challenges of shifting to DevSecOps- ITProPortal, Sept 2018
| ©2020 F514 Addressing application security challenges Embed Security Policy Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Improve App Performance The high performance WAF drives down operational costs and improve user the user experience without compromising security. security policies and protection optimized for DevOps workflow secure apps for any environment with consistency and centralized visibility security services and tools adaptable per app & technology NGINX Investments “Focus on Guardrails vs Gates” “Build Once, Run Anywhere” “Adaptive & Scalable App Services"
| ©2020 F515 NGINX Portfolio
NGINX Plus Application Security
Platform control planes Legacy NGINX Controller ● F5 BIG-IQ ● Third-party ecosystems ● Build Your Own Eliminate tool sprawl | Lightweight and highly portable | Abstract underlying infrastructure NGINX Plus NGINX App Protect
Strong App Security Built for Modern App Architectures CI/CD Friendly NGINX App Protect
| ©2020 F520 NGINX App Protect Deployment Options Edge Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Multiple locations to deploy Application Services: 1. Edge: External load balancers and proxies 2. Ingress Controller: Entry-point into Kubernetes 3. Per-Service Proxy: Interior service proxy tier 4. Per-Pod Proxy: Proxy embedded in pod 1 23 4
| ©2020 F521 NGINX App Protect Demo
| ©2020 F522 NGINX Controller Application Security
| ©2020 F5 NETWORKS23 CONFIDENTIAL NGINX Controller Innovations Seamless NGINX Plus Management App-Centric User Interface Visibility & Reporting Modular, Cross- Team Workflows APP Fastest, most lightweight and deployable across more platforms anyone Configuration and visibility aligned to how teams develop applications Detailed visibility into NGINX Plus deployment, and app centric analytics Consolidates team workflows and use cases Automation- Driven Configuration API Automates services deployment across pipelines reducing overhead & complexity
| ©2020 F5 NETWORKS24 Respond with Intelligent Insights Simplify Code to Customer Delivery Empower with Self- Service NGINX Controller Future Add-On
| ©2020 F5 NETWORKS25 SUMMER BETA, FALL COMMERCIAL AVAILABILITY NGINX Controller App Security
NGINX Controller App Sec Module (Summer/Fall 2020) AppSec Offer Summary NGINX App Protect for NGINX Plus (available now) ModSecurity for NGINX Plus (available now) ModSecurity OSS (available now) à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
NGINX App Protect 1. Request a free trial of NGINX App Protect: https://www.nginx.com/free-trial-request/ 2. Learn more : https://www.nginx.com/products/nginx- app-protect/ NGINX Controller 1. Request a free trial of NGINX Controller: https://www.nginx.com/free-trial-request-nginx- controller/ 2. Learn more: https://www.nginx.com/products/nginx- Want to Learn More?
| ©2018 F5 NETWORKS28

More Related Content

PDF
Secured APIM-as-a-Service
byNGINX, Inc.
 
PDF
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
PDF
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
PDF
Découvrez NGINX AppProtect
byNGINX, Inc.
 
PDF
Nim tames sprawl
byNGINX, Inc.
 
PPTX
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PPTX
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
PDF
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
byNGINX, Inc.
 
Secured APIM-as-a-Service
byNGINX, Inc.
 
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
Découvrez NGINX AppProtect
byNGINX, Inc.
 
Nim tames sprawl
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
byNGINX, Inc.
 

What's hot

PDF
Application Security with NGINX | APAC
byNGINX, Inc.
 
PDF
How to Get Started With NGINX
byNGINX, Inc.
 
PDF
What's New with NGINX Application Security Solutions
byNGINX, Inc.
 
PDF
NGINX DevSecOps Workshop
byNGINX, Inc.
 
PPTX
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
PDF
Demystifying AuthN/AuthZ Using OIDC & OAuth2
byNGINX, Inc.
 
PPTX
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
PPTX
API Workloads on Kubernetes | Show Code Part 4
byNGINX, Inc.
 
PDF
Monitoring NGINX Deployments with Sumo Logic
byNGINX, Inc.
 
PDF
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
byNGINX, Inc.
 
PPTX
NGINX Unit at Scale: Use Cases and the Future of Unit
byNGINX, Inc.
 
PDF
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PDF
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
byNGINX, Inc.
 
PPTX
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
byNGINX, Inc.
 
PPTX
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
PPTX
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
PPTX
Controller and Coffee: Deliver APIs in Real Time with API Management
byNGINX, Inc.
 
PDF
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
byNGINX, Inc.
 
PPTX
Deployment Patterns for API gateways
byNGINX, Inc.
 
PPTX
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 
Application Security with NGINX | APAC
byNGINX, Inc.
 
How to Get Started With NGINX
byNGINX, Inc.
 
What's New with NGINX Application Security Solutions
byNGINX, Inc.
 
NGINX DevSecOps Workshop
byNGINX, Inc.
 
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
Demystifying AuthN/AuthZ Using OIDC & OAuth2
byNGINX, Inc.
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
API Workloads on Kubernetes | Show Code Part 4
byNGINX, Inc.
 
Monitoring NGINX Deployments with Sumo Logic
byNGINX, Inc.
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
byNGINX, Inc.
 
NGINX Unit at Scale: Use Cases and the Future of Unit
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
byNGINX, Inc.
 
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
byNGINX, Inc.
 
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
Controller and Coffee: Deliver APIs in Real Time with API Management
byNGINX, Inc.
 
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
byNGINX, Inc.
 
Deployment Patterns for API gateways
byNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 

Similar to Application Security with NGINX

PDF
IDM Crack 2025 Internet Download Manger Patch
bywistrendugftr
 
PDF
Movavi Screen Recorder Studio 22.5.2 Crack
byaladdinkhana47
 
PDF
IObit Uninstaller Pro Crack 13.2.0.5 + Key Download 2025
bymaharajput103
 
PPTX
Modernizing Applications by Replacing F5 with the NGINX Application Delivery ...
byNGINX, Inc.
 
PDF
Secure Your Kubernetes Apps from Attacks with NGINX
byNGINX, Inc.
 
PPTX
Gain multi-cloud versatility with software load balancing designed for cloud-...
byAshnikbiz
 
PDF
Driving success in the cloud with NGINX
byNGINX, Inc.
 
PDF
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
PDF
Call of Duty: Warzone for Windows With Crack Free Download 2025
byIobit Uninstaller Pro Crack
 
PDF
Grand Theft Auto 6 PC Game Cracked Full Setup Download
byIobit Uninstaller Pro Crack
 
PDF
SamFw Tool v4.9 Samsung Frp Tool Free Download
byIobit Uninstaller Pro Crack
 
PDF
IObit Uninstaller Pro Crack {2025} Download Free
byIobit Uninstaller Pro Crack
 
PDF
Nginx app protect-for-meetup-v1.0-202006_lk
byJuraj Hantak
 
PPTX
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
PPTX
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
PDF
NGINX Controller: faster deployments, fewer headaches
byKangaroot
 
PDF
Putting the Sec into DevOps
byMaytal Levi
 
PDF
Making App Security and Delivery Ridiculously Easy
byCristian Garcia G.
 
PDF
InfoQ_NGINX_Fundamentals_of_Microservices.pptx.pdf
byusmanpk
 
PPTX
Enhanced Security and Visibility for Microservices Applications
byAkshay Mathur
 
IDM Crack 2025 Internet Download Manger Patch
bywistrendugftr
 
Movavi Screen Recorder Studio 22.5.2 Crack
byaladdinkhana47
 
IObit Uninstaller Pro Crack 13.2.0.5 + Key Download 2025
bymaharajput103
 
Modernizing Applications by Replacing F5 with the NGINX Application Delivery ...
byNGINX, Inc.
 
Secure Your Kubernetes Apps from Attacks with NGINX
byNGINX, Inc.
 
Gain multi-cloud versatility with software load balancing designed for cloud-...
byAshnikbiz
 
Driving success in the cloud with NGINX
byNGINX, Inc.
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
Call of Duty: Warzone for Windows With Crack Free Download 2025
byIobit Uninstaller Pro Crack
 
Grand Theft Auto 6 PC Game Cracked Full Setup Download
byIobit Uninstaller Pro Crack
 
SamFw Tool v4.9 Samsung Frp Tool Free Download
byIobit Uninstaller Pro Crack
 
IObit Uninstaller Pro Crack {2025} Download Free
byIobit Uninstaller Pro Crack
 
Nginx app protect-for-meetup-v1.0-202006_lk
byJuraj Hantak
 
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
NGINX Controller: faster deployments, fewer headaches
byKangaroot
 
Putting the Sec into DevOps
byMaytal Levi
 
Making App Security and Delivery Ridiculously Easy
byCristian Garcia G.
 
InfoQ_NGINX_Fundamentals_of_Microservices.pptx.pdf
byusmanpk
 
Enhanced Security and Visibility for Microservices Applications
byAkshay Mathur
 

More from NGINX, Inc.

PDF
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
PDF
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
PDF
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
PPTX
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
PPTX
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
PDF
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
PDF
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
PDF
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
PDF
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
PDF
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
PDF
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
PDF
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
PPTX
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
PPTX
NGINX Kubernetes API
byNGINX, Inc.
 
PPTX
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
PPTX
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
PPTX
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
PDF
Kubernetes環境で実現するWebアプリケーションセキュリティ
byNGINX, Inc.
 
PDF
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
byNGINX, Inc.
 
PDF
Open Sourcing NGINX Agent and Demo
byNGINX, Inc.
 
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
NGINX Kubernetes API
byNGINX, Inc.
 
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
Kubernetes環境で実現するWebアプリケーションセキュリティ
byNGINX, Inc.
 
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
byNGINX, Inc.
 
Open Sourcing NGINX Agent and Demo
byNGINX, Inc.
 

Recently uploaded

PDF
Ecommerce Website Development Services - Web Panel Solutions.pdf
byWEB PANEL SOLUTIONS
 
PDF
On Demand Massage Therapist Booking App Development
byV3CUBE TECHNOLABS
 
PDF
Versnel innovatie met GitHub Enterprise - Rick Smit GitHub
byDelta-N
 
PDF
Build Modern Applications with Amazon Aurora DSQL- AWS User Group Bonn 2026
byVadym Kazulkin
 
PDF
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
PPTX
Data Skills for Business Analysts: What You Need to Succeed
byScott W. Ambler
 
PDF
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
PPTX
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
PPTX
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
PDF
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
PDF
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 
PPTX
Chapter Two Logic and Language - Copy.pptx
byGediyonBelay
 
PDF
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
PDF
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
PDF
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
PPTX
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
PDF
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
PDF
Jira, Powered by Enterprise-Grade Intelligence from NeoroTalks.pdf
byNeoro Talks
 
PPTX
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
PDF
Building Smarter AI: 16 RAG Approaches for Accuracy, Memory, and Reasoning Vi...
byVineet Sharma
 
Ecommerce Website Development Services - Web Panel Solutions.pdf
byWEB PANEL SOLUTIONS
 
On Demand Massage Therapist Booking App Development
byV3CUBE TECHNOLABS
 
Versnel innovatie met GitHub Enterprise - Rick Smit GitHub
byDelta-N
 
Build Modern Applications with Amazon Aurora DSQL- AWS User Group Bonn 2026
byVadym Kazulkin
 
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
Data Skills for Business Analysts: What You Need to Succeed
byScott W. Ambler
 
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 
Chapter Two Logic and Language - Copy.pptx
byGediyonBelay
 
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
Jira, Powered by Enterprise-Grade Intelligence from NeoroTalks.pdf
byNeoro Talks
 
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
Building Smarter AI: 16 RAG Approaches for Accuracy, Memory, and Reasoning Vi...
byVineet Sharma
 

Application Security with NGINX

  • 1.
    NGINX App Sec August2020 Chris Witeck – Director of Product Management Rajiv Kapoor – Sr Product Marketing Manager Daniel Edgar – Sr Technical Product Manager
  • 2.
    | ©2020 F52 SECURINGCRITICAL BUSINESS APPLICATIONS WITH NGINX Agenda Challenges with Securing Modern Apps NGINX Portfolio Overview NGINX Plus Application Security NGINX App Protect Demo NGINX Controller Application Security NGINX Offer Summary
  • 3.
    | ©2020 F53 ChallengesWith Securing Modern Apps
  • 4.
    | ©2020 F54 DevOpsview of SecOpsSecOps view of DevOps SecOps
  • 5.
    | ©2020 F55 ApplicationDevelopmentThe Market • Proliferation of architectures, cloud, and open source software has expanded the risk to applications • The same vulnerabilities (e.g. injection, cross-site scripting) continue to exist after 20 years of application security best practices • Organizations lack consistent policy to manage the growing complexity and risk of managing/tuning application security • cost of security breaches -- downtime/lost revenue • Application development has transformed to agile while security largely remains a manual effort • Developers and DevOps outnumber security professionals by as much as 100:1 • Time to market pressure, friction between AppDev/DevOps and SecOps, and perception of security as a bottleneck results in poor testing, process, oversight Pain points
  • 6.
    | ©2020 F56 DevOpsSecOpsAppDev • Understaffed and struggle to keep up with rapidly changing threats • Business leaders consider Compliance Vs Security the goal • Inconsistent security policies spanning multiple architectures, clouds and tool sprawl creates risk • Security slows down the application lifecycle and is perceived as a bottleneck • CI/CD pipelines that automate app development/deployment lack security • Business imperatives and incentives such as time to market compel DevOps to bypass SecOps. DevOps KPIs do not include security-related metrics • Developer training on security is lacking • Developers are focused on modern app development and are not able to stay abreast of the security landscape • Cloud and open-source software introduce unknown risks to the business Pain points
  • 7.
    | ©2020 F57 DEVOPS/ APPLICATIONS NETOPS / OPERATIONS Application Business Logic End User Most applications require numerous application services between the code and the customer APPLICATION DELIVERY ExamplesAPI gateway Ingress controller App / web server Load balancer
  • 8.
    | ©2020 F58 DEVOPS/ APPLICATIONS NETOPS / OPERATIONS What challenges emerge when security enters the picture? DEVSECOPS Application business logic End-user APPLICATION SECURITY APPLICATION DELIVERY
  • 9.
    | ©2020 F59 Application businesslogic End-user The Modern Application Security Challenge: Operational silos, complexity, and ultimately friction API gateway Web app firewall Ingress controller App / web server Denial of service Anti-fraud & anti-bot Load balancer Secure access Traditional 3-Tier Microservices App architectures & infrastructure environments APPLICATION SECURITY Examples APPLICATION DELIVERY Examples DEVOPS / APPLICATIONS DEVSECOPS NETOPS / OPERATIONS
  • 10.
    | ©2020 F510 Appservices must include both app delivery and app security, which reinforce each other through visibility and controls APPLICATION SECURITY APPLICATION DELIVERY Visibility Controls Application Business Logic End User DEVOPS / APPLICATIONS NETOPS / OPERATIONS DEVSECOPS Visibility across app services More easily embed security along the data path Apply policies and controls consistently
  • 11.
    | ©2020 F511 Layeredon top should include a mature control plane to orchestrate & automate app services APPLICATION SECURITY APPLICATION DELIVERY Application Business Logic End User APPLICATION INSIGHTS, AUTOMATION & ORCHESTRATION Simplify operational complexity Provide business insights and value Secure modern applications
  • 12.
    | ©2020 F512 NGINXApplication Security
  • 13.
    | ©2020 F513 Addressingapplication security challenges Embed Security Policy Your Pipeline Secure Modern Apps Improve App Performance “Docker instances that have an unprotected port are used to instantiate a container running Ubuntu Linux, install a download utility, and then execute a 600-line program written in the Go programming language. The script attempts to turn off security, stop any competing cryptominers, and download the malicious cryptominer known as "Kinsing." – Dark Reading, April 2020 “many security and compliance monitoring tools have not kept up with this pace of change, as they simply weren’t built to test code at the speed DevOps requires. This has only solidified the view that security is the biggest block to rapid application development…” – What is DevSecOps? CSO Online Jan 2018 “Tools that don’t integrate into the Software Development Lifecycle disrupt DevSecOps initiatives and development processes, rather than supporting them.” – The challenges of shifting to DevSecOps- ITProPortal, Sept 2018
  • 14.
    | ©2020 F514 Addressingapplication security challenges Embed Security Policy Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Improve App Performance The high performance WAF drives down operational costs and improve user the user experience without compromising security. security policies and protection optimized for DevOps workflow secure apps for any environment with consistency and centralized visibility security services and tools adaptable per app & technology NGINX Investments “Focus on Guardrails vs Gates” “Build Once, Run Anywhere” “Adaptive & Scalable App Services"
  • 15.
  • 16.
  • 17.
    Platform control planes LegacyNGINX Controller ● F5 BIG-IQ ● Third-party ecosystems ● Build Your Own Eliminate tool sprawl | Lightweight and highly portable | Abstract underlying infrastructure NGINX Plus NGINX App Protect
  • 18.
    Strong App Security Built forModern App Architectures CI/CD Friendly NGINX App Protect
  • 19.
    | ©2020 F520 NGINXApp Protect Deployment Options Edge Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Multiple locations to deploy Application Services: 1. Edge: External load balancers and proxies 2. Ingress Controller: Entry-point into Kubernetes 3. Per-Service Proxy: Interior service proxy tier 4. Per-Pod Proxy: Proxy embedded in pod 1 23 4
  • 20.
    | ©2020 F521 NGINXApp Protect Demo
  • 21.
    | ©2020 F522 NGINXController Application Security
  • 22.
    | ©2020 F5NETWORKS23 CONFIDENTIAL NGINX Controller Innovations Seamless NGINX Plus Management App-Centric User Interface Visibility & Reporting Modular, Cross- Team Workflows APP Fastest, most lightweight and deployable across more platforms anyone Configuration and visibility aligned to how teams develop applications Detailed visibility into NGINX Plus deployment, and app centric analytics Consolidates team workflows and use cases Automation- Driven Configuration API Automates services deployment across pipelines reducing overhead & complexity
  • 23.
    | ©2020 F5NETWORKS24 Respond with Intelligent Insights Simplify Code to Customer Delivery Empower with Self- Service NGINX Controller Future Add-On
  • 24.
    | ©2020 F5NETWORKS25 SUMMER BETA, FALL COMMERCIAL AVAILABILITY NGINX Controller App Security
  • 25.
    NGINX Controller AppSec Module (Summer/Fall 2020) AppSec Offer Summary NGINX App Protect for NGINX Plus (available now) ModSecurity for NGINX Plus (available now) ModSecurity OSS (available now) à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
  • 26.
    NGINX App Protect 1.Request a free trial of NGINX App Protect: https://www.nginx.com/free-trial-request/ 2. Learn more : https://www.nginx.com/products/nginx- app-protect/ NGINX Controller 1. Request a free trial of NGINX Controller: https://www.nginx.com/free-trial-request-nginx- controller/ 2. Learn more: https://www.nginx.com/products/nginx- Want to Learn More?
  • 27.
    | ©2018 F5NETWORKS28