We explore some difficulties in developing cloud-native apps, and explain how NGINX software helps you solve them by reducing tool sprawl, controlling costs with lightweight solutions, and enabling SecOps to provide DevOps with self-service security that integrates into CI/CD pipelines.
Tag: security
Tag: security
Can Application Security Be Pain Free?
Application security is hard, but there are some best practices to help you achieve it: automate as much as possible, build security as a guardrail instead of a gate, select solutions that provide easily understood insights, and make security adaptable, scalable, and reliable.
Setting Up App Security as-a-Service for NGINX in Under 5 Minutes with F5 Essential App Protect
F5 Essential App Protect is a simple, pay-as-you-go, SaaS-based security service for securing apps proxied by NGINX and NGINX Plus. Based on F5’s 20+ years of app security expertise, it's a DevOps-ready service that protects against the security threats faced by modern apps.
Achieving FIPS Compliance with NGINX Plus
We explain how to run NGINX Plus in compliance with the FIPS 140-2 Security Requirements for Cryptographic Modules standard, which specifies the cryptographic protocols that are accepted by the U.S. Federal government and many other organizations.
Integrating Fortanix Self-Defending KMS with NGINX and NGINX Plus
With the Fortanix Self-Defending Key Management Service, you can offload TLS crytographic processing from your NGINX and NGINX Plus servers, and safely store your TLS keys for on-demand uploading into the NGINX Plus key-value store. We provide complete instructions for both use cases.
Securing Your Apps in Kubernetes with NGINX App Protect
With NGINX Plus Ingress Controller for Kubernetes release 1.8.0, NGINX App Protect can be embedded in the Ingress Controller. This puts WAF protection closer to applications, which is crucial in modern app environments like Kubernetes. It also enables automation and reduces complexity and cost.
The Importance of Securing Real-Time APIs
A combination of factors makes APIs rich targets for security attacks. We discuss methods for securing APIs throughout their lifecycle, from design and development through delivery, using WAFs, bot protection, API management tools, and API gateways.
Agile Perimeter Security with NGINX App Protect
Establishing a security perimeter around your intranet is no longer enough to protect your apps. We show how to configure NGINX App Protect to establish the perimeter around individual apps as required by today's distributed applications and Zero Trust security mode
Introducing NGINX App Protect: Advanced F5 Application Security for NGINX Plus
With NGINX App Protect, you no longer have to choose between security and performance. It combines the proven effectiveness of F5’s advanced WAF technology with the agility and performance of NGINX Plus, to address the security challenges facing modern DevOps environments.
Using the NGINX Plus Key-Value Store to Secure Ephemeral SSL Keys from HashiCorp Vault
In high-security environments, it's important to store sensitive data like SSL certificate-key pairs in memory only, not on disk. Here we show how to generate ephemeral SSL key pairs using HashiCorp Vault and store them in the in-memory NGINX Plus key-value store.