SlideShare a Scribd company logo

Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security

S
Stephanie Lawrence

MuleSoft's Anypoint Runtime Fabric is a container service that brings cloud benefits to "on-premise" Mule app deployments. However, if you are familiar with how to secure CloudHub applications, you'll quickly learn that the way to secure Runtime Fabric applications is quite different. By attending this Meetup, you'll learn the nuances of securing your Runtime Fabric applications. Big Compass' MuleSoft Practice Manager, Brian Statkevicus, and one of Big Compass' MuleSoft Consultants, Connor Fitzgerald, will cover the following topics: * A brief introduction to Anypoint Runtime Fabric (RTF) * Secure your RTF deployment * Secure your APIs from a variety of threats, both external and internal * Secure your at-rest configuration properties * Secure your in-flight data through Tokenization After this Meetup, you'll know what to expect when you develop your RTF security strategy.

Technology
1 of 50
Download to read offline
May 19, 2021 Denver (Virtual) MuleSoft Meetup Group Deep Dive into Anypoint Runtime Fabric Security
2 ● 6:30 - 6:35 - Attendees join Meetup ● 6:35 - 6:40 - Introductions ● 6:40 - 7:50 - Deep Dive into Anypoint Runtime Fabric Security ● 7:50 - 8:00 - Wrap up and next Meetup ● 8:00 - Meetup concludes Agenda
3 ● About Big Compass: ○ Stephanie Lawrence ○ Linda Gunn ○ Brian Statkevicus Introductions Use Chat - tell us where you are joining us from
4 ● Use Chat ● One answer per person per question ○ If you answer more than 1x per question, you are ineligible for that question ● If you’ve already won during today’s Meetup, you cannot win again ● Big Compass makes the final decision on the trivia winners that will be submitted to MuleSoft (see next slide) Trivia Questions - “House Rules” More important Trivia guidelines on next slide
5 ● Big Compass emails trivia winners a link to a Google Form for the trivia winners to complete ● Once you complete this form, MuleSoft will verify: ○ You haven’t already won this month ○ You’re not trying other means to circumvent the 1x/month rule ● MuleSoft will send you the voucher ○ The voucher is a training voucher, not a standalone exam voucher. If you select an exam on the Google Form as opposed to selecting a course, you will not receive a voucher. ○ MuleSoft retains the final decision on determining your eligibility to receive a training voucher ● If you have trouble redeeming a voucher or have not received a voucher, open a ticket at training.mulesoft.com/question. DO NOT CONTACT US! Trivia Questions - MuleSoft Guidelines
Forward-looking statements 6 "Safe harbor" statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about the company's financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, diluted earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, stock-based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth, environmental, social and governance goals and expected capital allocation, including mergers and acquisitions, capital expenditures and other investments. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the company’s results could differ materially from the results expressed or implied by the forward-looking statements it makes. The risks and uncertainties referred to above include -- but are not limited to -- risks associated with the effect of general economic and market conditions; the impact of geopolitical events, natural disasters and actual or threatened public health emergencies, such as the ongoing Coronavirus pandemic; the impact of foreign currency exchange rate and interest rate fluctuations on our results; our business strategy and our plan to build our business, including our strategy to be the leading provider of enterprise cloud computing applications and platforms; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; the competitive nature of the market in which we participate; our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our service performance and security, including the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate potential security breaches; the expenses associated with our data centers and third-party infrastructure providers; additional data center capacity; real estate and office facilities space; our operating results and cash flows; new services and product features, including any efforts to expand our services beyond the CRM market; our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to realize the benefits from strategic partnerships, joint ventures and investments; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within our strategic investment portfolio; our ability to execute our business plans; our ability to successfully integrate acquired businesses and technologies; our ability to continue to grow unearned revenue and remaining performance obligation; our ability to protect our intellectual property rights; our ability to develop our brands; our reliance on third-party hardware, software and platform providers; our dependency on the development and maintenance of the infrastructure of the Internet; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; uncertainties regarding our tax obligations in connection with potential jurisdictional transfers of intellectual property, including the tax rate, the timing of the transfer and the value of such transferred intellectual property; the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; factors related to our outstanding debt, revolving credit facility and loan associated with 50 Fremont; compliance with our debt covenants and lease obligations; current and potential litigation involving us; and the impact of climate change. Further information on these and other factors that could affect the company’s financial results is included in the reports on Forms 10-K, 10-Q and 8-K and in other filings it makes with the Securities and Exchange Commission from time to time. These documents are available on the SEC Filings section of the Investor Information section of the company’s website at. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.
Customer perspective
Moving from On-Prem to Runtime Fabric Achieving Top Notch Security in RTF ● How do we secure secrets? ● How do we leverage what is already available in MuleSoft to secure our precious data assets? ● What is the best way to go about encryption of properties at rest? ● When does tokenization come in? How is it different from encryption? What are the benefits of doing one over the other? ● What other aspects of security do we have to consider when we deploy our API’s to Runtime Fabric? ● What are the risks involved if we do not employ certain techniques to secure our API’s? ● What is the most important thing we must do to achieve security in the Runtime Fabric environment? 8
Speakers 9 Brian Statkevicus MuleSoft Practice Manager, Big Compass Connor Fitzgerald Senior Consultant, Big Compass
Runtime Fabric Overview
Anypoint Runtime Fabric VM Mule App VM Mule App Mule App Runtime Fabric components Runtime Fabric appliance Mule App network Runtime Fabric Mule App Mule App VM Runtime Fabric orchestrates and automates the deployment of Mule runtimes into containers in any cloud or on-premises environment Benefits ● Easily manage via the control plane hosted by MuleSoft ● Deploy consistently across any cloud or data center ● Run multiple runtime versions in the same Runtime Fabric ● Scale horizontally and redeploy w/ zero-downtime ● Flexible deployment upon existing infrastructure or managed K8s services Overview
Deploy and manage runtimes on AKS, EKS, or GKE Runtime Fabric on AKS, EKS, and GKE Extend control plane benefits to runtimes on your AKS, EKS, or GKE ● Customer gets the latest management and monitoring features of Anypoint Platform Decouple Mule runtime services from your own infrastructure ● Give your ops teams the power to use their infrastructure how they want 12 CUSTOMER’S NETWORK Mule App Mule App Mule App Runtime Fabric services Mule App Mule App Mule App Mule App Mule App Mule App Runtime Plane CONTROL PLANE Kubernetes-as-a-Service Available now GKE
Deploy and manage across any K8s service Deploy across private clouds Open K8s access to managed providers Expanded K8s access on managed providers Across any K8s service EKS AKS GKE ● Deploy standalone cluster within AWS, Azure, or on-prem ● Use K8s and docker without K8s expertise ● Install RTF services into private K8s environment ● Open access for customers with existing K8s expertise ● COMING SOON! Support for OpenShift container platform ● COMING SOON! Run Mule and non-Mule workloads on the same K8s environment ● Open support for any managed service built on K8s ● Deploy across any K8s environment
How it works
Appliance vs EKS, AKS, & GKE Runtime Fabric Appliance VM Mule App VM Mule App Mule App Runtime Fabric components Runtime Fabric appliance Mule App network Runtime Fabric appliance Mule App Mule App VM Managed by Customer Managed within Anypoint Platform Customers bring their own hardware and networking, and install Runtime Fabric on top of it. ● Self-contained appliance-model ● Customers maintain the infrastructure ● MuleSoft maintains the Kubernetes stack, RTF services and Mule deployments
Appliance vs EKS, AKS, & GKE Runtime Fabric is delivered to customers as a package of components that run on top of an existing EKS, AKS, or GKE environment. Customers bring their own Kubernetes, ingress controller, and external log forwarding and install RTF within it. Customers maintain the health of Kubernetes, and MuleSoft maintains the RTF services and Mule deployments. Runtime Fabric on EKS / AKS / GKE Node Mule App Node Mule App Mule App Runtime Fabric services EKS or AKS Mule App network Runtime Fabric on EKS / AKS Mule App Mule App Node Managed by K8s specialist Managed within Anypoint Platform
Controller nodes Worker nodes Internal load balancer Internal load balancer Internal load balancer Mule App3 Mule App4 Mule App1 Mule App2 Mule App5 Mule App6 Mule App1 Mule App2 Mule App7 Mule App8 Mule App5 Mule App6 TCP load balancer Control plane Agent Agent Agent INTERNET CUSTOMER NETWORK Production Configuration Runtime Fabric Appliance
Runtime Fabric on EKS/ AKS / GKE Default configuration Worker nodes Ingress controller Ingress controller Mule App3 Mule App4 Mule App1 Mule App2 Mule App5 Mule App6 Mule App1 Mule App2 Mule App7 Mule App8 Mule App5 Mule App6 TCP load balancer Control plane Agent INTERNET CUSTOMER NETWORK AKS, EKS, or GKE
● EKS / AKS / GKE are highly available and managed by cloud provider. ● Managed worker nodes simplify node scaling and upgrades. ● More customizable to your organization’s environment. ● Choose your own ingress controller and log forwarding agents. Lower Cost Benefits of RTF on EKS / AKS / GKE More Flexible ● EKS / AKS/ GKE replaces the controller nodes. ● Pricing for Kubernetes services provided by IaaS Less Overhead
Key Changes RTF on EKS/AKS/GKE RTF appliance Support for deploying Mules and API Gateways Supported. Supported. Kubernetes and Docker Customers bring their own K8S via provisioning EKS or AKS or GKE clusters. MuleSoft supplies Docker images Included. Support for installing on any Linux distribution Supported. RHEL and CentOS only. Support for node auto-scaling Supported using Azure, AWS, or Google settings Not supported. Support for external log forwarding Customers bring their own external log forwarder. Included. Support for internal load balancer Customers bring their own internal load balancer (called “Ingress Controller”) Included.
Key Changes (cont) RTF on EKS/AKS/GKE RTF appliance Support for Anypoint Security Edge Not supported. Supported. Ops Center Not included. Customers can enable similar monitoring and alerting from Cloud console Included. Support for Persistence Gateway (new in v1.9.1 - Apr 20, 2021 release). Permits data storage and sharing across Mule application replicas and restarts Supported. Supported. Tutorials on how to get started with RTF on EKS/AKS/GKE are here: https://developer.mulesoft.com/tutorials-and-howtos
Trivia Question #1 Which of the following do VM/Bare metal RTF installations provide that Self-Managed Kubernetes DO NOT? A. Ability to run multiple Mule runtime versions B. Node autoscaling C. Ability to deploy applications from Runtime Manager D. Resource and Infrastructure monitoring via Ops Center
Runtime Fabric Security
24 ● Network: RTF Network Security ● API: RTF API Security ● Credentials: Encrypting properties at rest ● Data: Tokenization Service RTF Security
Network: RTF Network Security
26 Recommended Network Configuration This is the default recommended configuration. Note the following in this diagram: ● 3 controller nodes, 3 worker nodes. This configuration enables fault tolerance if you lose one controller node. Agents are deployed to controller nodes. ● External load balancer forwards request to available internal load balancer. ● Internal load balancer decrypts request and sends request to available replica of the Mule app ● All nodes are on the same subnet. This is the recommended configuration for latency reasons and networking simplicity.
27 Network Security Best Practices Based on this diagram: ● Ensure only IP addresses that are required are open ● Ensure only ports that are required are open ● Use an external balancer. This ensures that Ingress communication is limited to a trusted source (the external load balancer) ● You can deploy using a private and public subnet model. Be aware if you set this model up you will need to communicate over low latency across subnets.
API: RTF API Security
29 ● Uses multiple components to protect at multiple layers ● Generally viewed as a best practice ○ Each layer has a “backup” to counter any flaws or gaps in a particular layer ○ Usually superior to a single defense layer ● Drawbacks: ○ Can be costly depending on the components used ○ Can negatively impact performance Layered Security
30 ● Protects against “brute force” and other simple attacks ● Gateway Security measures include ○ OAuth 2.0 ○ Rate limiting ○ IP whitelisting/blacklisting ○ Client ID/Secret ○ JWT ○ SAML First layer - API Gateway
31 ● WAF (Web Application Firewall) and RASP (Runtime Application Self Protection) protect against some of the OWASP “Top 10” attacks https://owasp.org/www-project-top-ten/ ● When combined with API Gateway, can defend against: ○ SQL Injection ○ XML Threat ○ Cross site scripting ○ DoS Second layer - WAF/RASP
32 ● Implements “Zero-Trust” Security ● Last line of defense that models API behavior ● Can detect deviations from normal behavior ● Protects against: ○ Stolen tokens and credentials ○ Insider threats ○ Authenticated access Third layer - ML/AI
33 ● Used to apply “Edge” Security policies ○ DoS ○ IP Whitelist ○ HTTP Limits (size and headers only) ○ WAF ● Applies to all applications in RTF ● Can still configure individual application policies using API Manager ● Does not provide ML/AI layer of protection ○ A custom policy plus a 3rd party solution will enable this layer of security ● NOT supported on EKS/AKS/GKE deployments Anypoint Security
Credentials: Encrypting Properties at Rest
The Challenge ● Enterprise Information Systems (EISs) need credentials ○ Often use “service accounts” for automated integration solutions ○ These credentials may be subject to routine maintenance (i.e. change every 90 days) ● Other sensitive information may need to be secured ○ URLs ○ IP Addresses ● Storing these credentials in plain text is a sure-fire way to fail a security audit!
Step #1 - Secure Configuration Properties Secure Configuration Properties ○ Uses https://docs.mulesoft.com/downloads/mule-runtime/4.2/secure-properties-tool.jar and your favorite command line tool ○ Also requires Mule Secure Configuration Property Extension ○ Can encrypt individual properties, all properties, or the entire file content ○ Can use .yaml or .properties files ○ Requires key as a command line parameter ○ Preface your properties with “secure::” Note: Another option to encrypt properties is to use the “Premium Security Connector” at this site: http://security-update-site-1.4.s3.amazonaws.com/ . However, this solution is not in ‘official’ Mule 4.3 documentation AND can only be used with .properties files. We will not cover this solution in this presentation.
Step #2 - Safely Hidden Application Properties Safely Hidden Application Properties ○ Not the same as CloudHub “Safely Hidden” Properties ■ Use mule-artifact.json for CloudHub “Safely Hidden” Properties ■ Consider injected properties ○ Use “rtfctl” as follows: sudo ./rtfctl apply secure-property --key <my_key> --value <my_value> -n <environment_id> ○ Note that you can still view the properties: sudo ./rtfctl get secure-properties -n 92af6926-9a73-4858-9481-fe2a2668bd9b KEY VALUE decryptionKey <<value in plain text>>
Demo! ● What you will see: ○ Local connection testing with Secure Configuration Properties ○ Safely Hidden properties on RTF ○ Edge Security and API Manager Policies ● What you won’t see: ○ Deploying to RTF
Demo wrapup ● You saw: ○ How to locally encrypt property ○ How to test from Connector - and the pitfalls of doing so ○ Safely Hidden properties on CloudHub ○ Safely Hidden properties on RTF ○ Edge Security policy ○ API Manager policy ○ Custom policy for AI/ML solution
Trivia Question #2 What is the most secure way to ‘hide’ sensitive configuration properties? A. Secure Configuration Properties B. RTF Safely Hidden Properties C. CloudHub Safely Hidden Properties D. Continuous Development/Deployment injected properties
Data: Tokenization Service
42 ● Used to protect sensitive information ● Format preserving ● Service must be deployed to RTF instance ● Reversible ● Vaultless ● Scalability ● Flexibility ● Format support Tokenization
43 ● Can be applied to any RTF deployed proxy ● Replaces sensitive data in the payload with tokens ● Configurable ○ Selector expression ○ Request or Response ○ Formats Tokenization Policy
44 Tokenization Use Case
Demo! ● What you will see: ○ Tokenization and Detokenization Policies ● What you won’t see: ○ Tokenization service deployment ○ Token format configurations
Trivia Question #3 Which of the following is true? A. The tokenization is reversible but requires a lookup table B. Memory requirements increase with number of tokens provisioned C. RTF installations include the tokenization service by default D. Portions of the original sensitive data can be preserved
Next Steps
48 ● Share: ○ Tweet using the hashtag #MuleSoftMeetups ○ Invite your network to join: https://meetups.mulesoft.com/denver ● Feedback: ○ Complete the Meetup survey, provide feedback, and suggest topics for upcoming events ○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program What’s next?
49 ● Next Meetup: July 28, 2021. Site TBD. We will make every effort to make this an in-person meetup based on current local and CDC guidance. ● Future Meetup (tentative) schedule: ○ Sep 22 (Site TBD based on local guidance) ○ Nov 10 (Site TBD based on local guidance) ● We are looking for topic suggestions: ○ DataWeave (of course!) ○ Other suggestions: ■ Logging revisited ■ MuleSoft Composer for Salesforce ■ Others??? ● We’re also looking for speakers - please contact us if you are interested Denver Meetups 2021
Thank you

Recommended

Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Akshata Sawant
 
Introduction to MuleSoft
Introduction to MuleSoftIntroduction to MuleSoft
Introduction to MuleSoft
Alexandra N. Martinez
 
Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...
Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...
Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...
Angel Alberici
 
Rtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetesRtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetes
Sandeep Deshmukh
 
Benefits of integration with the Mulesoft Anypoint Platform
Benefits of integration with the Mulesoft Anypoint PlatformBenefits of integration with the Mulesoft Anypoint Platform
Benefits of integration with the Mulesoft Anypoint Platform
Cloud Analogy
 
Mulesoft Connections to different companies, and different services
Mulesoft Connections to different companies, and different servicesMulesoft Connections to different companies, and different services
Mulesoft Connections to different companies, and different services
Byreddy Sravan Kumar Reddy
 
What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain.
What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain. What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain.
What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain.
Kellton Tech Solutions Ltd
 
MuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys Meetups
MuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys MeetupsMuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys Meetups
MuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys Meetups
Angel Alberici
 

Recommended

Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Akshata Sawant
 
Introduction to MuleSoft
Introduction to MuleSoftIntroduction to MuleSoft
Introduction to MuleSoft
Alexandra N. Martinez
 
Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...
Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...
Mule 4 migration + Common Integration Challenges : MuleSoft Virtual Muleys Me...
Angel Alberici
 
Rtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetesRtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetes
Sandeep Deshmukh
 
Benefits of integration with the Mulesoft Anypoint Platform
Benefits of integration with the Mulesoft Anypoint PlatformBenefits of integration with the Mulesoft Anypoint Platform
Benefits of integration with the Mulesoft Anypoint Platform
Cloud Analogy
 
Mulesoft Connections to different companies, and different services
Mulesoft Connections to different companies, and different servicesMulesoft Connections to different companies, and different services
Mulesoft Connections to different companies, and different services
Byreddy Sravan Kumar Reddy
 
What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain.
What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain. What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain.
What’s Mule 4.3? How Does Anytime RTF Help? Our insights explain.
Kellton Tech Solutions Ltd
 
MuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys Meetups
MuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys MeetupsMuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys Meetups
MuleSoft Runtime Fabric (RTF): Foundations : MuleSoft Virtual Muleys Meetups
Angel Alberici
 
MuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleysMuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleys
Angel Alberici
 
MuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier ArchitectureMuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier Architecture
Harish Kumar
 
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Angel Alberici
 
MuleSoft Architecture Presentation
MuleSoft Architecture PresentationMuleSoft Architecture Presentation
MuleSoft Architecture Presentation
Rupesh Sinha
 
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
MuleSoft
 
Future of Integration | MuleSoft
Future of Integration | MuleSoftFuture of Integration | MuleSoft
Future of Integration | MuleSoft
MuleSoft
 
Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft ppt
Achyuta Lakshmi
 
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys MeetupsVPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
Angel Alberici
 
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
Prashanth Kurimella
 
Exploring Universal API Management And Flex Gateway
Exploring Universal API Management And Flex GatewayExploring Universal API Management And Flex Gateway
Exploring Universal API Management And Flex Gateway
shyamraj55
 
Session on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log managementSession on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log management
pqrs1234
 
Cloudhub 2.0
Cloudhub 2.0Cloudhub 2.0
Cloudhub 2.0
Christopher Co
 
Introduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoftIntroduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoft
Paris Salesforce Developer Group
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft
 
Mulesoft Anypoint platform introduction
Mulesoft Anypoint platform introductionMulesoft Anypoint platform introduction
Mulesoft Anypoint platform introduction
gijish
 
Object Store V2 Workshop
Object Store V2 WorkshopObject Store V2 Workshop
Object Store V2 Workshop
MuleSoft
 
Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint Platform
MuleSoft
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft
 
Building APIs with Mule and Spring Boot
Building APIs with Mule and Spring BootBuilding APIs with Mule and Spring Boot
Building APIs with Mule and Spring Boot
Guilherme Pereira Silva
 
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
shyamraj55
 
Chicago rtf meetup august 17 2021
Chicago rtf meetup august 17 2021Chicago rtf meetup august 17 2021
Chicago rtf meetup august 17 2021
prasenjit banerjee
 
Composer Overview Meetup.pdf
Composer Overview Meetup.pdfComposer Overview Meetup.pdf
Composer Overview Meetup.pdf
Jimmy Attia
 

More Related Content

What's hot

MuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleysMuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleys
Angel Alberici
 
MuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier ArchitectureMuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier Architecture
Harish Kumar
 
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Angel Alberici
 
MuleSoft Architecture Presentation
MuleSoft Architecture PresentationMuleSoft Architecture Presentation
MuleSoft Architecture Presentation
Rupesh Sinha
 
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
MuleSoft
 
Future of Integration | MuleSoft
Future of Integration | MuleSoftFuture of Integration | MuleSoft
Future of Integration | MuleSoft
MuleSoft
 
Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft ppt
Achyuta Lakshmi
 
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys MeetupsVPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
Angel Alberici
 
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
Prashanth Kurimella
 
Exploring Universal API Management And Flex Gateway
Exploring Universal API Management And Flex GatewayExploring Universal API Management And Flex Gateway
Exploring Universal API Management And Flex Gateway
shyamraj55
 
Session on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log managementSession on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log management
pqrs1234
 
Cloudhub 2.0
Cloudhub 2.0Cloudhub 2.0
Cloudhub 2.0
Christopher Co
 
Introduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoftIntroduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoft
Paris Salesforce Developer Group
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft
 
Mulesoft Anypoint platform introduction
Mulesoft Anypoint platform introductionMulesoft Anypoint platform introduction
Mulesoft Anypoint platform introduction
gijish
 
Object Store V2 Workshop
Object Store V2 WorkshopObject Store V2 Workshop
Object Store V2 Workshop
MuleSoft
 
Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint Platform
MuleSoft
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft
 
Building APIs with Mule and Spring Boot
Building APIs with Mule and Spring BootBuilding APIs with Mule and Spring Boot
Building APIs with Mule and Spring Boot
Guilherme Pereira Silva
 
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
shyamraj55
 

What's hot (20)

MuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleysMuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleys
 
MuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier ArchitectureMuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier Architecture
 
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...
 
MuleSoft Architecture Presentation
MuleSoft Architecture PresentationMuleSoft Architecture Presentation
MuleSoft Architecture Presentation
 
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
Best Practices in Implementing a Center for Enablement (C4E) within Your Orga...
 
Future of Integration | MuleSoft
Future of Integration | MuleSoftFuture of Integration | MuleSoft
Future of Integration | MuleSoft
 
Mulesoft ppt
Mulesoft pptMulesoft ppt
Mulesoft ppt
 
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys MeetupsVPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
VPCs, Metrics Framework, Back pressure : MuleSoft Virtual Muleys Meetups
 
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
 
Exploring Universal API Management And Flex Gateway
Exploring Universal API Management And Flex GatewayExploring Universal API Management And Flex Gateway
Exploring Universal API Management And Flex Gateway
 
Session on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log managementSession on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log management
 
Cloudhub 2.0
Cloudhub 2.0Cloudhub 2.0
Cloudhub 2.0
 
Introduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoftIntroduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoft
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
 
Mulesoft Anypoint platform introduction
Mulesoft Anypoint platform introductionMulesoft Anypoint platform introduction
Mulesoft Anypoint platform introduction
 
Object Store V2 Workshop
Object Store V2 WorkshopObject Store V2 Workshop
Object Store V2 Workshop
 
Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint Platform
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
 
Building APIs with Mule and Spring Boot
Building APIs with Mule and Spring BootBuilding APIs with Mule and Spring Boot
Building APIs with Mule and Spring Boot
 
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
 

Similar to Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security

Chicago rtf meetup august 17 2021
Chicago rtf meetup august 17 2021Chicago rtf meetup august 17 2021
Chicago rtf meetup august 17 2021
prasenjit banerjee
 
Composer Overview Meetup.pdf
Composer Overview Meetup.pdfComposer Overview Meetup.pdf
Composer Overview Meetup.pdf
Jimmy Attia
 
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
apidays
 
Intro to Tableau - SL Dev Group.pdf
Intro to Tableau - SL Dev Group.pdfIntro to Tableau - SL Dev Group.pdf
Intro to Tableau - SL Dev Group.pdf
Salesforce.com Developer Community
 
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Prag Ravichandran Kamalaveni (he/him)
 
MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys
Angel Alberici
 
Eda gas andelectricity_meetup-adelaide_pov
Eda gas andelectricity_meetup-adelaide_povEda gas andelectricity_meetup-adelaide_pov
Eda gas andelectricity_meetup-adelaide_pov
Nicholas Bowman
 
TrailheadX Presentation - 2020 Cluj
TrailheadX Presentation - 2020 ClujTrailheadX Presentation - 2020 Cluj
TrailheadX Presentation - 2020 Cluj
Arpad Komaromi
 
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceMaximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Salesforce Developers
 
London Salesforce Developers TDX 20 Global Gathering
London Salesforce Developers TDX 20 Global GatheringLondon Salesforce Developers TDX 20 Global Gathering
London Salesforce Developers TDX 20 Global Gathering
Keir Bowden
 
Perth Meetup December 2021
Perth Meetup December 2021Perth Meetup December 2021
Perth Meetup December 2021
Michael Price
 
[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx
jorgelebrato
 
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Salesforce Developers
 
WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too! WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too!
Salesforce Admins
 
Admin Best Practices: 3 Steps to Seamless Deployments
Admin Best Practices: 3 Steps to Seamless DeploymentsAdmin Best Practices: 3 Steps to Seamless Deployments
Admin Best Practices: 3 Steps to Seamless Deployments
Salesforce Admins
 
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Russell Feldman
 
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
DianeKesler2
 
Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...
Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...
Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...
MysoreMuleSoftMeetup
 
CLE TrailheaDX 2020 Global Gathering
CLE TrailheaDX 2020 Global GatheringCLE TrailheaDX 2020 Global Gathering
CLE TrailheaDX 2020 Global Gathering
Lynda Kane
 
TDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UGTDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UG
Stephan Chandler-Garcia
 

Similar to Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security (20)

Chicago rtf meetup august 17 2021
Chicago rtf meetup august 17 2021Chicago rtf meetup august 17 2021
Chicago rtf meetup august 17 2021
 
Composer Overview Meetup.pdf
Composer Overview Meetup.pdfComposer Overview Meetup.pdf
Composer Overview Meetup.pdf
 
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
INTERFACE, by apidays - The future of API Management in a hybrid, multi-clou...
 
Intro to Tableau - SL Dev Group.pdf
Intro to Tableau - SL Dev Group.pdfIntro to Tableau - SL Dev Group.pdf
Intro to Tableau - SL Dev Group.pdf
 
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
Dreamforce 2019: "Using Quip for Better Documentation of your Salesforce Org"
 
MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys MuleSoft Composer - 09122021 - Virtual Muleys
MuleSoft Composer - 09122021 - Virtual Muleys
 
Eda gas andelectricity_meetup-adelaide_pov
Eda gas andelectricity_meetup-adelaide_povEda gas andelectricity_meetup-adelaide_pov
Eda gas andelectricity_meetup-adelaide_pov
 
TrailheadX Presentation - 2020 Cluj
TrailheadX Presentation - 2020 ClujTrailheadX Presentation - 2020 Cluj
TrailheadX Presentation - 2020 Cluj
 
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceMaximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component Performance
 
London Salesforce Developers TDX 20 Global Gathering
London Salesforce Developers TDX 20 Global GatheringLondon Salesforce Developers TDX 20 Global Gathering
London Salesforce Developers TDX 20 Global Gathering
 
Perth Meetup December 2021
Perth Meetup December 2021Perth Meetup December 2021
Perth Meetup December 2021
 
[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx[Madrid-Meetup April 22] UAPIM.pptx
[Madrid-Meetup April 22] UAPIM.pptx
 
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
 
WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too! WT19: Platform Events Are for Admins Too!
WT19: Platform Events Are for Admins Too!
 
Admin Best Practices: 3 Steps to Seamless Deployments
Admin Best Practices: 3 Steps to Seamless DeploymentsAdmin Best Practices: 3 Steps to Seamless Deployments
Admin Best Practices: 3 Steps to Seamless Deployments
 
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
Los Angeles Admin Trailblazer Community Group TrailheaDX 2020 Global Gatherin...
 
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
MuleSoft Composer - OKC Oklahoma City MuleSoft Meetup 11/11/21
 
Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...
Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...
Mulesoft RPA & The Last Mile Problem (Dreamforce 22 ) | MuleSoft Mysore Meetu...
 
CLE TrailheaDX 2020 Global Gathering
CLE TrailheaDX 2020 Global GatheringCLE TrailheaDX 2020 Global Gathering
CLE TrailheaDX 2020 Global Gathering
 
TDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UGTDX Global Gathering - Wellington UG
TDX Global Gathering - Wellington UG
 

Recently uploaded

“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
Techgropse Pvt.Ltd.
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
Claudio Di Ciccio
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
FODUU
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 

Recently uploaded (20)

“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 

Denver MuleSoft Meetup: Deep Dive into Anypoint Runtime Fabric Security

  • 1. May 19, 2021 Denver (Virtual) MuleSoft Meetup Group Deep Dive into Anypoint Runtime Fabric Security
  • 2. 2 ● 6:30 - 6:35 - Attendees join Meetup ● 6:35 - 6:40 - Introductions ● 6:40 - 7:50 - Deep Dive into Anypoint Runtime Fabric Security ● 7:50 - 8:00 - Wrap up and next Meetup ● 8:00 - Meetup concludes Agenda
  • 3. 3 ● About Big Compass: ○ Stephanie Lawrence ○ Linda Gunn ○ Brian Statkevicus Introductions Use Chat - tell us where you are joining us from
  • 4. 4 ● Use Chat ● One answer per person per question ○ If you answer more than 1x per question, you are ineligible for that question ● If you’ve already won during today’s Meetup, you cannot win again ● Big Compass makes the final decision on the trivia winners that will be submitted to MuleSoft (see next slide) Trivia Questions - “House Rules” More important Trivia guidelines on next slide
  • 5. 5 ● Big Compass emails trivia winners a link to a Google Form for the trivia winners to complete ● Once you complete this form, MuleSoft will verify: ○ You haven’t already won this month ○ You’re not trying other means to circumvent the 1x/month rule ● MuleSoft will send you the voucher ○ The voucher is a training voucher, not a standalone exam voucher. If you select an exam on the Google Form as opposed to selecting a course, you will not receive a voucher. ○ MuleSoft retains the final decision on determining your eligibility to receive a training voucher ● If you have trouble redeeming a voucher or have not received a voucher, open a ticket at training.mulesoft.com/question. DO NOT CONTACT US! Trivia Questions - MuleSoft Guidelines
  • 6. Forward-looking statements 6 "Safe harbor" statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about the company's financial and operating results, which may include expected GAAP and non-GAAP financial and other operating and non-operating results, including revenue, net income, diluted earnings per share, operating cash flow growth, operating margin improvement, expected revenue growth, expected current remaining performance obligation growth, expected tax rates, stock-based compensation expenses, amortization of purchased intangibles, shares outstanding, market growth, environmental, social and governance goals and expected capital allocation, including mergers and acquisitions, capital expenditures and other investments. The achievement or success of the matters covered by such forward-looking statements involves risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, the company’s results could differ materially from the results expressed or implied by the forward-looking statements it makes. The risks and uncertainties referred to above include -- but are not limited to -- risks associated with the effect of general economic and market conditions; the impact of geopolitical events, natural disasters and actual or threatened public health emergencies, such as the ongoing Coronavirus pandemic; the impact of foreign currency exchange rate and interest rate fluctuations on our results; our business strategy and our plan to build our business, including our strategy to be the leading provider of enterprise cloud computing applications and platforms; the pace of change and innovation in enterprise cloud computing services; the seasonal nature of our sales cycles; the competitive nature of the market in which we participate; our international expansion strategy; the demands on our personnel and infrastructure resulting from significant growth in our customer base and operations, including as a result of acquisitions; our service performance and security, including the resources and costs required to avoid unanticipated downtime and prevent, detect and remediate potential security breaches; the expenses associated with our data centers and third-party infrastructure providers; additional data center capacity; real estate and office facilities space; our operating results and cash flows; new services and product features, including any efforts to expand our services beyond the CRM market; our strategy of acquiring or making investments in complementary businesses, joint ventures, services, technologies and intellectual property rights; the performance and fair value of our investments in complementary businesses through our strategic investment portfolio; our ability to realize the benefits from strategic partnerships, joint ventures and investments; the impact of future gains or losses from our strategic investment portfolio, including gains or losses from overall market conditions that may affect the publicly traded companies within our strategic investment portfolio; our ability to execute our business plans; our ability to successfully integrate acquired businesses and technologies; our ability to continue to grow unearned revenue and remaining performance obligation; our ability to protect our intellectual property rights; our ability to develop our brands; our reliance on third-party hardware, software and platform providers; our dependency on the development and maintenance of the infrastructure of the Internet; the effect of evolving domestic and foreign government regulations, including those related to the provision of services on the Internet, those related to accessing the Internet, and those addressing data privacy, cross-border data transfers and import and export controls; the valuation of our deferred tax assets and the release of related valuation allowances; the potential availability of additional tax assets in the future; the impact of new accounting pronouncements and tax laws; uncertainties affecting our ability to estimate our tax rate; uncertainties regarding our tax obligations in connection with potential jurisdictional transfers of intellectual property, including the tax rate, the timing of the transfer and the value of such transferred intellectual property; the impact of expensing stock options and other equity awards; the sufficiency of our capital resources; factors related to our outstanding debt, revolving credit facility and loan associated with 50 Fremont; compliance with our debt covenants and lease obligations; current and potential litigation involving us; and the impact of climate change. Further information on these and other factors that could affect the company’s financial results is included in the reports on Forms 10-K, 10-Q and 8-K and in other filings it makes with the Securities and Exchange Commission from time to time. These documents are available on the SEC Filings section of the Investor Information section of the company’s website at. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements, except as required by law.
  • 8. Moving from On-Prem to Runtime Fabric Achieving Top Notch Security in RTF ● How do we secure secrets? ● How do we leverage what is already available in MuleSoft to secure our precious data assets? ● What is the best way to go about encryption of properties at rest? ● When does tokenization come in? How is it different from encryption? What are the benefits of doing one over the other? ● What other aspects of security do we have to consider when we deploy our API’s to Runtime Fabric? ● What are the risks involved if we do not employ certain techniques to secure our API’s? ● What is the most important thing we must do to achieve security in the Runtime Fabric environment? 8
  • 9. Speakers 9 Brian Statkevicus MuleSoft Practice Manager, Big Compass Connor Fitzgerald Senior Consultant, Big Compass
  • 11. Anypoint Runtime Fabric VM Mule App VM Mule App Mule App Runtime Fabric components Runtime Fabric appliance Mule App network Runtime Fabric Mule App Mule App VM Runtime Fabric orchestrates and automates the deployment of Mule runtimes into containers in any cloud or on-premises environment Benefits ● Easily manage via the control plane hosted by MuleSoft ● Deploy consistently across any cloud or data center ● Run multiple runtime versions in the same Runtime Fabric ● Scale horizontally and redeploy w/ zero-downtime ● Flexible deployment upon existing infrastructure or managed K8s services Overview
  • 12. Deploy and manage runtimes on AKS, EKS, or GKE Runtime Fabric on AKS, EKS, and GKE Extend control plane benefits to runtimes on your AKS, EKS, or GKE ● Customer gets the latest management and monitoring features of Anypoint Platform Decouple Mule runtime services from your own infrastructure ● Give your ops teams the power to use their infrastructure how they want 12 CUSTOMER’S NETWORK Mule App Mule App Mule App Runtime Fabric services Mule App Mule App Mule App Mule App Mule App Mule App Runtime Plane CONTROL PLANE Kubernetes-as-a-Service Available now GKE
  • 13. Deploy and manage across any K8s service Deploy across private clouds Open K8s access to managed providers Expanded K8s access on managed providers Across any K8s service EKS AKS GKE ● Deploy standalone cluster within AWS, Azure, or on-prem ● Use K8s and docker without K8s expertise ● Install RTF services into private K8s environment ● Open access for customers with existing K8s expertise ● COMING SOON! Support for OpenShift container platform ● COMING SOON! Run Mule and non-Mule workloads on the same K8s environment ● Open support for any managed service built on K8s ● Deploy across any K8s environment
  • 15. Appliance vs EKS, AKS, & GKE Runtime Fabric Appliance VM Mule App VM Mule App Mule App Runtime Fabric components Runtime Fabric appliance Mule App network Runtime Fabric appliance Mule App Mule App VM Managed by Customer Managed within Anypoint Platform Customers bring their own hardware and networking, and install Runtime Fabric on top of it. ● Self-contained appliance-model ● Customers maintain the infrastructure ● MuleSoft maintains the Kubernetes stack, RTF services and Mule deployments
  • 16. Appliance vs EKS, AKS, & GKE Runtime Fabric is delivered to customers as a package of components that run on top of an existing EKS, AKS, or GKE environment. Customers bring their own Kubernetes, ingress controller, and external log forwarding and install RTF within it. Customers maintain the health of Kubernetes, and MuleSoft maintains the RTF services and Mule deployments. Runtime Fabric on EKS / AKS / GKE Node Mule App Node Mule App Mule App Runtime Fabric services EKS or AKS Mule App network Runtime Fabric on EKS / AKS Mule App Mule App Node Managed by K8s specialist Managed within Anypoint Platform
  • 17. Controller nodes Worker nodes Internal load balancer Internal load balancer Internal load balancer Mule App3 Mule App4 Mule App1 Mule App2 Mule App5 Mule App6 Mule App1 Mule App2 Mule App7 Mule App8 Mule App5 Mule App6 TCP load balancer Control plane Agent Agent Agent INTERNET CUSTOMER NETWORK Production Configuration Runtime Fabric Appliance
  • 18. Runtime Fabric on EKS/ AKS / GKE Default configuration Worker nodes Ingress controller Ingress controller Mule App3 Mule App4 Mule App1 Mule App2 Mule App5 Mule App6 Mule App1 Mule App2 Mule App7 Mule App8 Mule App5 Mule App6 TCP load balancer Control plane Agent INTERNET CUSTOMER NETWORK AKS, EKS, or GKE
  • 19. ● EKS / AKS / GKE are highly available and managed by cloud provider. ● Managed worker nodes simplify node scaling and upgrades. ● More customizable to your organization’s environment. ● Choose your own ingress controller and log forwarding agents. Lower Cost Benefits of RTF on EKS / AKS / GKE More Flexible ● EKS / AKS/ GKE replaces the controller nodes. ● Pricing for Kubernetes services provided by IaaS Less Overhead
  • 20. Key Changes RTF on EKS/AKS/GKE RTF appliance Support for deploying Mules and API Gateways Supported. Supported. Kubernetes and Docker Customers bring their own K8S via provisioning EKS or AKS or GKE clusters. MuleSoft supplies Docker images Included. Support for installing on any Linux distribution Supported. RHEL and CentOS only. Support for node auto-scaling Supported using Azure, AWS, or Google settings Not supported. Support for external log forwarding Customers bring their own external log forwarder. Included. Support for internal load balancer Customers bring their own internal load balancer (called “Ingress Controller”) Included.
  • 21. Key Changes (cont) RTF on EKS/AKS/GKE RTF appliance Support for Anypoint Security Edge Not supported. Supported. Ops Center Not included. Customers can enable similar monitoring and alerting from Cloud console Included. Support for Persistence Gateway (new in v1.9.1 - Apr 20, 2021 release). Permits data storage and sharing across Mule application replicas and restarts Supported. Supported. Tutorials on how to get started with RTF on EKS/AKS/GKE are here: https://developer.mulesoft.com/tutorials-and-howtos
  • 22. Trivia Question #1 Which of the following do VM/Bare metal RTF installations provide that Self-Managed Kubernetes DO NOT? A. Ability to run multiple Mule runtime versions B. Node autoscaling C. Ability to deploy applications from Runtime Manager D. Resource and Infrastructure monitoring via Ops Center
  • 24. 24 ● Network: RTF Network Security ● API: RTF API Security ● Credentials: Encrypting properties at rest ● Data: Tokenization Service RTF Security
  • 26. 26 Recommended Network Configuration This is the default recommended configuration. Note the following in this diagram: ● 3 controller nodes, 3 worker nodes. This configuration enables fault tolerance if you lose one controller node. Agents are deployed to controller nodes. ● External load balancer forwards request to available internal load balancer. ● Internal load balancer decrypts request and sends request to available replica of the Mule app ● All nodes are on the same subnet. This is the recommended configuration for latency reasons and networking simplicity.
  • 27. 27 Network Security Best Practices Based on this diagram: ● Ensure only IP addresses that are required are open ● Ensure only ports that are required are open ● Use an external balancer. This ensures that Ingress communication is limited to a trusted source (the external load balancer) ● You can deploy using a private and public subnet model. Be aware if you set this model up you will need to communicate over low latency across subnets.
  • 28. API: RTF API Security
  • 29. 29 ● Uses multiple components to protect at multiple layers ● Generally viewed as a best practice ○ Each layer has a “backup” to counter any flaws or gaps in a particular layer ○ Usually superior to a single defense layer ● Drawbacks: ○ Can be costly depending on the components used ○ Can negatively impact performance Layered Security
  • 30. 30 ● Protects against “brute force” and other simple attacks ● Gateway Security measures include ○ OAuth 2.0 ○ Rate limiting ○ IP whitelisting/blacklisting ○ Client ID/Secret ○ JWT ○ SAML First layer - API Gateway
  • 31. 31 ● WAF (Web Application Firewall) and RASP (Runtime Application Self Protection) protect against some of the OWASP “Top 10” attacks https://owasp.org/www-project-top-ten/ ● When combined with API Gateway, can defend against: ○ SQL Injection ○ XML Threat ○ Cross site scripting ○ DoS Second layer - WAF/RASP
  • 32. 32 ● Implements “Zero-Trust” Security ● Last line of defense that models API behavior ● Can detect deviations from normal behavior ● Protects against: ○ Stolen tokens and credentials ○ Insider threats ○ Authenticated access Third layer - ML/AI
  • 33. 33 ● Used to apply “Edge” Security policies ○ DoS ○ IP Whitelist ○ HTTP Limits (size and headers only) ○ WAF ● Applies to all applications in RTF ● Can still configure individual application policies using API Manager ● Does not provide ML/AI layer of protection ○ A custom policy plus a 3rd party solution will enable this layer of security ● NOT supported on EKS/AKS/GKE deployments Anypoint Security
  • 35. The Challenge ● Enterprise Information Systems (EISs) need credentials ○ Often use “service accounts” for automated integration solutions ○ These credentials may be subject to routine maintenance (i.e. change every 90 days) ● Other sensitive information may need to be secured ○ URLs ○ IP Addresses ● Storing these credentials in plain text is a sure-fire way to fail a security audit!
  • 36. Step #1 - Secure Configuration Properties Secure Configuration Properties ○ Uses https://docs.mulesoft.com/downloads/mule-runtime/4.2/secure-properties-tool.jar and your favorite command line tool ○ Also requires Mule Secure Configuration Property Extension ○ Can encrypt individual properties, all properties, or the entire file content ○ Can use .yaml or .properties files ○ Requires key as a command line parameter ○ Preface your properties with “secure::” Note: Another option to encrypt properties is to use the “Premium Security Connector” at this site: http://security-update-site-1.4.s3.amazonaws.com/ . However, this solution is not in ‘official’ Mule 4.3 documentation AND can only be used with .properties files. We will not cover this solution in this presentation.
  • 37. Step #2 - Safely Hidden Application Properties Safely Hidden Application Properties ○ Not the same as CloudHub “Safely Hidden” Properties ■ Use mule-artifact.json for CloudHub “Safely Hidden” Properties ■ Consider injected properties ○ Use “rtfctl” as follows: sudo ./rtfctl apply secure-property --key <my_key> --value <my_value> -n <environment_id> ○ Note that you can still view the properties: sudo ./rtfctl get secure-properties -n 92af6926-9a73-4858-9481-fe2a2668bd9b KEY VALUE decryptionKey <<value in plain text>>
  • 38. Demo! ● What you will see: ○ Local connection testing with Secure Configuration Properties ○ Safely Hidden properties on RTF ○ Edge Security and API Manager Policies ● What you won’t see: ○ Deploying to RTF
  • 39. Demo wrapup ● You saw: ○ How to locally encrypt property ○ How to test from Connector - and the pitfalls of doing so ○ Safely Hidden properties on CloudHub ○ Safely Hidden properties on RTF ○ Edge Security policy ○ API Manager policy ○ Custom policy for AI/ML solution
  • 40. Trivia Question #2 What is the most secure way to ‘hide’ sensitive configuration properties? A. Secure Configuration Properties B. RTF Safely Hidden Properties C. CloudHub Safely Hidden Properties D. Continuous Development/Deployment injected properties
  • 42. 42 ● Used to protect sensitive information ● Format preserving ● Service must be deployed to RTF instance ● Reversible ● Vaultless ● Scalability ● Flexibility ● Format support Tokenization
  • 43. 43 ● Can be applied to any RTF deployed proxy ● Replaces sensitive data in the payload with tokens ● Configurable ○ Selector expression ○ Request or Response ○ Formats Tokenization Policy
  • 45. Demo! ● What you will see: ○ Tokenization and Detokenization Policies ● What you won’t see: ○ Tokenization service deployment ○ Token format configurations
  • 46. Trivia Question #3 Which of the following is true? A. The tokenization is reversible but requires a lookup table B. Memory requirements increase with number of tokens provisioned C. RTF installations include the tokenization service by default D. Portions of the original sensitive data can be preserved
  • 48. 48 ● Share: ○ Tweet using the hashtag #MuleSoftMeetups ○ Invite your network to join: https://meetups.mulesoft.com/denver ● Feedback: ○ Complete the Meetup survey, provide feedback, and suggest topics for upcoming events ○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program What’s next?
  • 49. 49 ● Next Meetup: July 28, 2021. Site TBD. We will make every effort to make this an in-person meetup based on current local and CDC guidance. ● Future Meetup (tentative) schedule: ○ Sep 22 (Site TBD based on local guidance) ○ Nov 10 (Site TBD based on local guidance) ● We are looking for topic suggestions: ○ DataWeave (of course!) ○ Other suggestions: ■ Logging revisited ■ MuleSoft Composer for Salesforce ■ Others??? ● We’re also looking for speakers - please contact us if you are interested Denver Meetups 2021