With NGINX Controller App Security for version 3.20 of the Application Delivery Module, you can now import your custom F5 Advanced WAF and NGINX App Protect WAF policies and distribute them across all your managed deployments. We call this Bring Your Own NGINX App Protect WAF Policy.
Despite the emergence of DevSecOps, security teams still seem to lag behind the pace of DevOps. Platform Ops can be the solution, where security teams provide self‑service, consumable policies to development teams. Find out how the NGINX suite of security products can help.
The NGINX Controller App Security add-on for Controller API Management provides an app-centric, self-service way for app teams to boost their API security with integrated WAF protection. Security teams can still define policies and monitor APIs for compliance.
Layer 7 DoS attacks are a new and increasingly common threat to app performance and security. You need protection that integrates easily into your infrastructure and CI/CD pipelines, learns from observing user and app behavior, and doesn't affect performance even during an attack.
We explain how NGINX App Protect Denial of Service (DoS) adapts its mitigation methods in real time to protect against Layer 7 DoS attacks. By creating a model of normal user behavior and server health, it can spot deviations that signal an attack and apply customized mitigation signatures.
NGINX App Protect Denial of Service (DoS) protects your modern applications against sophisticated application-level (Layer 7) DoS attacks, including GET and POST flooding, Slowloris, Slow read, slow POST, Challenge Collapsar, NAT-disguised, and targeted SSL/TLS attacks.
Service-to-service communication among microservices puts more data on the wire compared to monoliths. Using mutual TLS (mTLS) to encrypt and authenticate that communication is crucial. Here we dive deep into the mTLS implementation in NGINX Service Mesh.
Strategies for shifting security left usually ignore WAF and other traditional tools for enforcing run‑time security policies. A complete modern solution needs to include WAF, but one that fits into your CI/CD pipelines and helps smooth friction between Security and DevOps.
An often-overlooked benefit of NGINX Plus is how it makes protecting yourself against security threats quick and easy. We proactively inform NGINX Plus subscribers of security vulnerabilities and patches, provide help during attacks, support JWT and OIDC authentication, and more.