SlideShare a Scribd company logo

Secured APIM-as-a-Service

N
NGINX, Inc.

In our digital world, customers expect a compelling, reliable digital experience and partners want frictionless integration with your services. One of the most critical underpinnings to digital success is the application programming interface (API). APIs are the common currency for transacting in the digital world. API traffic now constitutes 83% of the world’s internet traffic and 70% of organizations have invested in API management. Join us for this session API-as-a-Service: How an Internal API Cloud Can Accelerate Digital Transformation.

Technology
1 of 21
Download to read offline
| ©2018 F5 NETWORKS1 Secured APIM-as-a-Service Frank Zhu
| ©2018 F5 NETWORKS2 Objective
| ©2018 F5 NETWORKS3 Bring DevOps best practices into Operations Provision & Security Turn Gate into Guardrail
| ©2018 F5 NETWORKS4 Challenges
| ©2018 F5 NETWORKS5 Digital Transformation Challenges SpeedComplexity Attack Surface Collaboration ✓ Inconsistent Security solution across cloud environments ✓ Lack of DevOps friendly security tools (CI/CD pipeline) ✓ Implement security early in the development process ✓ Deploy in modern architecture ✓ Microservices creates Additional attack vectors & new attack types ✓ SecOps view of DevOps: “They don’t take security seriously” ✓ DevOps View of SecOps: “They constantly are interrupting our pipeline, slowing us down, all for the sake of security”
| ©2018 F5 NETWORKS6 The Solution
| ©2018 F5 NETWORKS7 Declarative Support Base Templates predefined or externalreference Adaptation layer: Base Template Adaption Option to customize the initial policy {"policy": { "name":"AppPolicy01", "description":"AppV1.1 - DEMO FOR DECLARATIVE AND WEBHOOKS CAPABILITIES", "template":{ "name":"POLICY_TEMPLATE_RAPID_DEPLOYMENT" }, "enforcementMode":"blocking", "server-technologies":[ { "serverTechnologyName":"MySQL" } ], "signature-settings":{ "signatureStaging": false }, "modifications": [{ "entityChanges": { "type": "explicit" }, "entity": { "name": "log" }, "entityKind": "tm:asm:policies:filetypes:filetypestate", "action": "delete", "description": "Delete Disallowed File Type" } ] } Modification layer: Policy builder suggestions Part of the modification layer and can be shared between policies
| ©2020 F58  Shift-Left  API Testing API Implementation API Definition API Onboarding API Deployment API Runtime Development OperationsSelf Service
| ©2018 F5 NETWORKS9 Secured APIM-as-a-Service
| ©2018 F5 NETWORKS10 Secured APIM-as-a-Microservice
| ©2018 F5 NETWORKS11 Deployment Options
| ©2018 F5 NETWORKS12 Deployment at the Edge (Tier 2) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge NetOps/SecOps-Centric Approach This is a prime use case for Edge load balancer i.e. outside K8s. NetOps/SecOps empower their App/DevOps brethren to consume F5 application services in an automated manner.
| ©2018 F5 NETWORKS13 Deployment on the Ingress Controller (Tier 3) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge K8s SecOps/DevSecOps-Centric Approach Appropriate solution when secured policies are under direction of NetOps or DevOps teams. Policies are defined and associated with services using Kubernetes API. NGINX Ingress Controller RBAC allows: • Admin users to enforce policies per listener • DevOps users to select policy per Ingress Resource Leverage Container Ingress Services to scale NGINX Ingress Controller and add other application services (LB, DNS, DDoS, IAM).
| ©2018 F5 NETWORKS14 Deployment forA Specific Service (Tier 3) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge DevSecOps-Centric Approach Appropriate solution when secured policies are under direction of the DevSecOps team, and specific to a small number of services. Protection is implemented using a front-end proxy service for the protected service(s). • Easy to deploy securely • Security updates require re-deployment of per-service proxy tier Allows for greater resource control and reduces complexity of IC configuration.
| ©2018 F5 NETWORKS15 Deployment forA Specific Pod (Tier 3) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge AppOwner-Centric Approach Appropriate solution when App Owner has full control of security for their application. Protection is implemented using an embedded proxy for each application pod. • Implemented, tested and deployed using CI/CD pipeline • Security updates require re-deployment of application pods Suitable for services that require very close control and testing of API configuration.
| ©2018 F5 NETWORKS16 Meet the Team
| ©2018 F5 NETWORKS17 DevOps squad: 6-8 resources: 1. Tech lead 2. Scrum Master 3. Test Developer 4. Deployment Developer 5. 2-4 Full-Stack Developers Two-Pizza Team
| ©2018 F5 NETWORKS19 Discovery Questions
| ©2018 F5 NETWORKS20 1. How many APIsnowand overthe next year? How many Teams? 2. Internalor Externalconsumers?Determineswhat they need froma DevPortal& Auth Requirements 3. API stylesin use – REST,XML, gRPC,GraphQL.Nowvs Future. 4. Contractfirstapproach(Do theydesignbeforetheybuild APIs)? Existingspecs? 5. Deploymentflow(how many teams have to touchit) 6. Automationrequirements-DevOpspractices,CI/CD maturity 7. How are the APIs deliveredtoday?Reverseproxy,load balancer,simpleAPIgateway,APImgtsolution 8. What’s wrong with it? Whatchanged? Needthem to share what they really need. 9. Are they modernizing? Forreal,or brownfieldmix/mess 10. Lookingto augment,rip/replace,Performanceand latency APIM Focus
| ©2018 F5 NETWORKS21 1. Existing WAFsolutions 2. The Deploymentoptionsrequirements 3. Describerthe existing communication/interactionbetweenDevelopmentand Operationsteams 4. How is the API implementationtested?Whattoolsare used? 5. Is there value to unify the securitytestsforAPI? WAF Focus

Recommended

Application Security with NGINX
Application Security with NGINXApplication Security with NGINX
Application Security with NGINXNGINX, Inc.
 
Get the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXGet the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXNGINX, Inc.
 
NGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
NGINX Basics and Best Practices Workshop
NGINX Basics and Best Practices WorkshopNGINX Basics and Best Practices Workshop
NGINX Basics and Best Practices WorkshopNGINX, Inc.
 
Nim tames sprawl
Nim tames sprawlNim tames sprawl
Nim tames sprawlNGINX, Inc.
 
API Workloads on Kubernetes | Show Code Part 4
API Workloads on Kubernetes | Show Code Part 4API Workloads on Kubernetes | Show Code Part 4
API Workloads on Kubernetes | Show Code Part 4NGINX, Inc.
 
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINXSecure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINXNGINX, Inc.
 

Recommended

Application Security with NGINX
Application Security with NGINXApplication Security with NGINX
Application Security with NGINXNGINX, Inc.
 
Get the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXGet the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXNGINX, Inc.
 
NGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX DevSecOps Workshop
NGINX DevSecOps WorkshopNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
NGINX Basics and Best Practices Workshop
NGINX Basics and Best Practices WorkshopNGINX Basics and Best Practices Workshop
NGINX Basics and Best Practices WorkshopNGINX, Inc.
 
Nim tames sprawl
Nim tames sprawlNim tames sprawl
Nim tames sprawlNGINX, Inc.
 
API Workloads on Kubernetes | Show Code Part 4
API Workloads on Kubernetes | Show Code Part 4API Workloads on Kubernetes | Show Code Part 4
API Workloads on Kubernetes | Show Code Part 4NGINX, Inc.
 
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINXSecure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINXNGINX, Inc.
 
NGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...NGINX, Inc.
 
NGINX Unit at Scale: Use Cases and the Future of Unit
NGINX Unit at Scale: Use Cases and the Future of UnitNGINX Unit at Scale: Use Cases and the Future of Unit
NGINX Unit at Scale: Use Cases and the Future of UnitNGINX, Inc.
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsNGINX, Inc.
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPOlivia LaMar
 
Relevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINXRelevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINXNGINX, Inc.
 
Découvrez NGINX AppProtect
Découvrez NGINX AppProtectDécouvrez NGINX AppProtect
Découvrez NGINX AppProtectNGINX, Inc.
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Monitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicMonitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicNGINX, Inc.
 
Securing k8s With Kubernetes Goat
Securing k8s With Kubernetes GoatSecuring k8s With Kubernetes Goat
Securing k8s With Kubernetes GoatMuhammad Yuga Nugraha
 
How to Get Started With NGINX
How to Get Started With NGINXHow to Get Started With NGINX
How to Get Started With NGINXNGINX, Inc.
 
Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudOlivia LaMar
 
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINXNGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINXNGINX, Inc.
 
Migrating from BIG-IP Deployment to NGINX ADC
Migrating from BIG-IP Deployment to NGINX ADCMigrating from BIG-IP Deployment to NGINX ADC
Migrating from BIG-IP Deployment to NGINX ADCNGINX, Inc.
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerNGINX, Inc.
 
API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​NGINX, Inc.
 
Kubernetes and the NGINX Plus Ingress Controller
Kubernetes and the NGINX Plus Ingress ControllerKubernetes and the NGINX Plus Ingress Controller
Kubernetes and the NGINX Plus Ingress ControllerKatherine Bagood
 
Accélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerAccélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerNGINX, Inc.
 
Nginx app protect-for-meetup-v1.0-202006_lk
Nginx app protect-for-meetup-v1.0-202006_lkNginx app protect-for-meetup-v1.0-202006_lk
Nginx app protect-for-meetup-v1.0-202006_lkJuraj Hantak
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Cisco Canada
 

More Related Content

What's hot

NGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...NGINX, Inc.
 
NGINX Unit at Scale: Use Cases and the Future of Unit
NGINX Unit at Scale: Use Cases and the Future of UnitNGINX Unit at Scale: Use Cases and the Future of Unit
NGINX Unit at Scale: Use Cases and the Future of UnitNGINX, Inc.
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsNGINX, Inc.
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPOlivia LaMar
 
Relevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINXRelevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINXNGINX, Inc.
 
Découvrez NGINX AppProtect
Découvrez NGINX AppProtectDécouvrez NGINX AppProtect
Découvrez NGINX AppProtectNGINX, Inc.
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Monitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicMonitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicNGINX, Inc.
 
How to Get Started With NGINX
How to Get Started With NGINXHow to Get Started With NGINX
How to Get Started With NGINXNGINX, Inc.
 
Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudOlivia LaMar
 
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINXNGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINXNGINX, Inc.
 
Migrating from BIG-IP Deployment to NGINX ADC
Migrating from BIG-IP Deployment to NGINX ADCMigrating from BIG-IP Deployment to NGINX ADC
Migrating from BIG-IP Deployment to NGINX ADCNGINX, Inc.
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerNGINX, Inc.
 
API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​NGINX, Inc.
 
Kubernetes and the NGINX Plus Ingress Controller
Kubernetes and the NGINX Plus Ingress ControllerKubernetes and the NGINX Plus Ingress Controller
Kubernetes and the NGINX Plus Ingress ControllerKatherine Bagood
 
Accélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerAccélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerNGINX, Inc.
 

What's hot (20)

NGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJNGINX: Back to Basics – APCJ
NGINX: Back to Basics – APCJ
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
 
NGINX Unit at Scale: Use Cases and the Future of Unit
NGINX Unit at Scale: Use Cases and the Future of UnitNGINX Unit at Scale: Use Cases and the Future of Unit
NGINX Unit at Scale: Use Cases and the Future of Unit
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security Solutions
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
 
Relevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINXRelevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINX
 
Découvrez NGINX AppProtect
Découvrez NGINX AppProtectDécouvrez NGINX AppProtect
Découvrez NGINX AppProtect
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Monitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicMonitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo Logic
 
Securing k8s With Kubernetes Goat
Securing k8s With Kubernetes GoatSecuring k8s With Kubernetes Goat
Securing k8s With Kubernetes Goat
 
How to Get Started With NGINX
How to Get Started With NGINXHow to Get Started With NGINX
How to Get Started With NGINX
 
Securing Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the CloudSecuring Your Apps & APIs in the Cloud
Securing Your Apps & APIs in the Cloud
 
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINXNGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
 
Migrating from BIG-IP Deployment to NGINX ADC
Migrating from BIG-IP Deployment to NGINX ADCMigrating from BIG-IP Deployment to NGINX ADC
Migrating from BIG-IP Deployment to NGINX ADC
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress Controller
 
API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​API Gateway Use Cases​ for Kubernetes​
API Gateway Use Cases​ for Kubernetes​
 
Kubernetes and the NGINX Plus Ingress Controller
Kubernetes and the NGINX Plus Ingress ControllerKubernetes and the NGINX Plus Ingress Controller
Kubernetes and the NGINX Plus Ingress Controller
 
Accélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX ControllerAccélérez vos déploiements applicatifs avec NGINX Controller
Accélérez vos déploiements applicatifs avec NGINX Controller
 

Similar to Secured APIM-as-a-Service

Nginx app protect-for-meetup-v1.0-202006_lk
Nginx app protect-for-meetup-v1.0-202006_lkNginx app protect-for-meetup-v1.0-202006_lk
Nginx app protect-for-meetup-v1.0-202006_lkJuraj Hantak
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Cisco Canada
 
f5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdff5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdfGrigoryShkolnik1
 
Using Cloud to Improve AppSec
Using Cloud to Improve AppSecUsing Cloud to Improve AppSec
Using Cloud to Improve AppSecPhillip Marlow
 
VMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXEasily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXNGINX, Inc.
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021VMware Tanzu
 
Continuous Delivery with CloudBees Core
Continuous Delivery with CloudBees CoreContinuous Delivery with CloudBees Core
Continuous Delivery with CloudBees CoreBhavani Rao
 
F5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-CloudF5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-Cloudabenyeung1
 
Application Modernization with PKS / Kubernetes
Application Modernization with PKS / KubernetesApplication Modernization with PKS / Kubernetes
Application Modernization with PKS / KubernetesPaul Czarkowski
 
Web Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesWeb Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesAvi Networks
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...VMworld
 
VMworld 2014: Introduction to NSX
VMworld 2014: Introduction to NSXVMworld 2014: Introduction to NSX
VMworld 2014: Introduction to NSXVMworld
 
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud AirAccelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud AirNitin Saxena
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrewLibbySchulze
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshowpatmisasi
 
One And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptxOne And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptxAvi Networks
 
InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...
InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...
InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...Daniel Berg
 
Application Security with NGINX | APAC
Application Security with NGINX | APACApplication Security with NGINX | APAC
Application Security with NGINX | APACNGINX, Inc.
 
Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...
Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...
Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...Michael Elder
 

Similar to Secured APIM-as-a-Service (20)

Nginx app protect-for-meetup-v1.0-202006_lk
Nginx app protect-for-meetup-v1.0-202006_lkNginx app protect-for-meetup-v1.0-202006_lk
Nginx app protect-for-meetup-v1.0-202006_lk
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?
 
f5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdff5_synthesis_cisco_connect.pdf
f5_synthesis_cisco_connect.pdf
 
Using Cloud to Improve AppSec
Using Cloud to Improve AppSecUsing Cloud to Improve AppSec
Using Cloud to Improve AppSec
 
VMworld 2015: No App is An Island
VMworld 2015: No App is An IslandVMworld 2015: No App is An Island
VMworld 2015: No App is An Island
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXEasily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINX
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
 
Continuous Delivery with CloudBees Core
Continuous Delivery with CloudBees CoreContinuous Delivery with CloudBees Core
Continuous Delivery with CloudBees Core
 
F5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-CloudF5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-Cloud
 
Application Modernization with PKS / Kubernetes
Application Modernization with PKS / KubernetesApplication Modernization with PKS / Kubernetes
Application Modernization with PKS / Kubernetes
 
Web Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesWeb Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery Pipelines
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
 
VMworld 2014: Introduction to NSX
VMworld 2014: Introduction to NSXVMworld 2014: Introduction to NSX
VMworld 2014: Introduction to NSX
 
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud AirAccelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
Accelarting Hybrid Cloud Adoption through Use Cases in vCloud Air
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshow
 
One And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptxOne And Done Multi-Cloud Load Balancing Done Right.pptx
One And Done Multi-Cloud Load Balancing Done Right.pptx
 
InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...
InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...
InterConnect 2015: 3045 Hybrid Cloud - How to get a return from an investment...
 
Application Security with NGINX | APAC
Application Security with NGINX | APACApplication Security with NGINX | APAC
Application Security with NGINX | APAC
 
Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...
Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...
Hybrid Cloud: How to Get a Return from an Investment Made Three Decades Ago (...
 

More from NGINX, Inc.

【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法NGINX, Inc.
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナーNGINX, Inc.
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法NGINX, Inc.
 
Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3NGINX, Inc.
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & KubecostManaging Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & KubecostNGINX, Inc.
 
Manage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with ObservabilityManage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with ObservabilityNGINX, Inc.
 
Accelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with AutomationAccelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with AutomationNGINX, Inc.
 
Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101NGINX, Inc.
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices ArchitecturesUnit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices ArchitecturesNGINX, Inc.
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!NGINX, Inc.
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!NGINX, Inc.
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINXKeep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINXNGINX, Inc.
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...NGINX, Inc.
 
Protecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINXProtecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINXNGINX, Inc.
 
NGINX Kubernetes API
NGINX Kubernetes APINGINX Kubernetes API
NGINX Kubernetes APINGINX, Inc.
 
Successfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINXSuccessfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINXNGINX, Inc.
 
Installing and Configuring NGINX Open Source
Installing and Configuring NGINX Open SourceInstalling and Configuring NGINX Open Source
Installing and Configuring NGINX Open SourceNGINX, Inc.
 
Shift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXShift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXNGINX, Inc.
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxHow to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxNGINX, Inc.
 
Kubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティKubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティNGINX, Inc.
 

More from NGINX, Inc. (20)

【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
 
Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & KubecostManaging Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & Kubecost
 
Manage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with ObservabilityManage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with Observability
 
Accelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with AutomationAccelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with Automation
 
Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices ArchitecturesUnit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINXKeep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
 
Protecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINXProtecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINX
 
NGINX Kubernetes API
NGINX Kubernetes APINGINX Kubernetes API
NGINX Kubernetes API
 
Successfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINXSuccessfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINX
 
Installing and Configuring NGINX Open Source
Installing and Configuring NGINX Open SourceInstalling and Configuring NGINX Open Source
Installing and Configuring NGINX Open Source
 
Shift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXShift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINX
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxHow to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
 
Kubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティKubernetes環境で実現するWebアプリケーションセキュリティ
Kubernetes環境で実現するWebアプリケーションセキュリティ
 

Recently uploaded

Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 

Recently uploaded (20)

Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 

Secured APIM-as-a-Service

  • 1. | ©2018 F5 NETWORKS1 Secured APIM-as-a-Service Frank Zhu
  • 2. | ©2018 F5 NETWORKS2 Objective
  • 3. | ©2018 F5 NETWORKS3 Bring DevOps best practices into Operations Provision & Security Turn Gate into Guardrail
  • 4. | ©2018 F5 NETWORKS4 Challenges
  • 5. | ©2018 F5 NETWORKS5 Digital Transformation Challenges SpeedComplexity Attack Surface Collaboration ✓ Inconsistent Security solution across cloud environments ✓ Lack of DevOps friendly security tools (CI/CD pipeline) ✓ Implement security early in the development process ✓ Deploy in modern architecture ✓ Microservices creates Additional attack vectors & new attack types ✓ SecOps view of DevOps: “They don’t take security seriously” ✓ DevOps View of SecOps: “They constantly are interrupting our pipeline, slowing us down, all for the sake of security”
  • 6. | ©2018 F5 NETWORKS6 The Solution
  • 7. | ©2018 F5 NETWORKS7 Declarative Support Base Templates predefined or externalreference Adaptation layer: Base Template Adaption Option to customize the initial policy {"policy": { "name":"AppPolicy01", "description":"AppV1.1 - DEMO FOR DECLARATIVE AND WEBHOOKS CAPABILITIES", "template":{ "name":"POLICY_TEMPLATE_RAPID_DEPLOYMENT" }, "enforcementMode":"blocking", "server-technologies":[ { "serverTechnologyName":"MySQL" } ], "signature-settings":{ "signatureStaging": false }, "modifications": [{ "entityChanges": { "type": "explicit" }, "entity": { "name": "log" }, "entityKind": "tm:asm:policies:filetypes:filetypestate", "action": "delete", "description": "Delete Disallowed File Type" } ] } Modification layer: Policy builder suggestions Part of the modification layer and can be shared between policies
  • 8. | ©2020 F58  Shift-Left  API Testing API Implementation API Definition API Onboarding API Deployment API Runtime Development OperationsSelf Service
  • 9. | ©2018 F5 NETWORKS9 Secured APIM-as-a-Service
  • 10. | ©2018 F5 NETWORKS10 Secured APIM-as-a-Microservice
  • 11. | ©2018 F5 NETWORKS11 Deployment Options
  • 12. | ©2018 F5 NETWORKS12 Deployment at the Edge (Tier 2) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge NetOps/SecOps-Centric Approach This is a prime use case for Edge load balancer i.e. outside K8s. NetOps/SecOps empower their App/DevOps brethren to consume F5 application services in an automated manner.
  • 13. | ©2018 F5 NETWORKS13 Deployment on the Ingress Controller (Tier 3) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge K8s SecOps/DevSecOps-Centric Approach Appropriate solution when secured policies are under direction of NetOps or DevOps teams. Policies are defined and associated with services using Kubernetes API. NGINX Ingress Controller RBAC allows: • Admin users to enforce policies per listener • DevOps users to select policy per Ingress Resource Leverage Container Ingress Services to scale NGINX Ingress Controller and add other application services (LB, DNS, DDoS, IAM).
  • 14. | ©2018 F5 NETWORKS14 Deployment forA Specific Service (Tier 3) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge DevSecOps-Centric Approach Appropriate solution when secured policies are under direction of the DevSecOps team, and specific to a small number of services. Protection is implemented using a front-end proxy service for the protected service(s). • Easy to deploy securely • Security updates require re-deployment of per-service proxy tier Allows for greater resource control and reduces complexity of IC configuration.
  • 15. | ©2018 F5 NETWORKS15 Deployment forA Specific Pod (Tier 3) Ingress Controller pod pod pod pod pod Per-Pod proxy Per-Service proxy Edge AppOwner-Centric Approach Appropriate solution when App Owner has full control of security for their application. Protection is implemented using an embedded proxy for each application pod. • Implemented, tested and deployed using CI/CD pipeline • Security updates require re-deployment of application pods Suitable for services that require very close control and testing of API configuration.
  • 16. | ©2018 F5 NETWORKS16 Meet the Team
  • 17. | ©2018 F5 NETWORKS17 DevOps squad: 6-8 resources: 1. Tech lead 2. Scrum Master 3. Test Developer 4. Deployment Developer 5. 2-4 Full-Stack Developers Two-Pizza Team
  • 18.
  • 19. | ©2018 F5 NETWORKS19 Discovery Questions
  • 20. | ©2018 F5 NETWORKS20 1. How many APIsnowand overthe next year? How many Teams? 2. Internalor Externalconsumers?Determineswhat they need froma DevPortal& Auth Requirements 3. API stylesin use – REST,XML, gRPC,GraphQL.Nowvs Future. 4. Contractfirstapproach(Do theydesignbeforetheybuild APIs)? Existingspecs? 5. Deploymentflow(how many teams have to touchit) 6. Automationrequirements-DevOpspractices,CI/CD maturity 7. How are the APIs deliveredtoday?Reverseproxy,load balancer,simpleAPIgateway,APImgtsolution 8. What’s wrong with it? Whatchanged? Needthem to share what they really need. 9. Are they modernizing? Forreal,or brownfieldmix/mess 10. Lookingto augment,rip/replace,Performanceand latency APIM Focus
  • 21. | ©2018 F5 NETWORKS21 1. Existing WAFsolutions 2. The Deploymentoptionsrequirements 3. Describerthe existing communication/interactionbetweenDevelopmentand Operationsteams 4. How is the API implementationtested?Whattoolsare used? 5. Is there value to unify the securitytestsforAPI? WAF Focus