With NGINX Controller App Security for version 3.20 of the Application Delivery Module, you can now import your custom F5 Advanced WAF and NGINX App Protect WAF policies and distribute them across all your managed deployments. We call this Bring Your Own NGINX App Protect WAF Policy.
Tag: security
Tag: security
Securely Set DevOps Free with NGINX Modern Application Security
Despite the emergence of DevSecOps, security teams still seem to lag behind the pace of DevOps. Platform Ops can be the solution, where security teams provide self‑service, consumable policies to development teams. Find out how the NGINX suite of security products can help.
Fortifying APIs with Advanced Security
The NGINX Controller App Security add-on for Controller API Management provides an app-centric, self-service way for app teams to boost their API security with integrated WAF protection. Security teams can still define policies and monitor APIs for compliance.
Defending Applications from Complex and Modern Attacks
Layer 7 DoS attacks are a new and increasingly common threat to app performance and security. You need protection that integrates easily into your infrastructure and CI/CD pipelines, learns from observing user and app behavior, and doesn't affect performance even during an attack.
How NGINX App Protect Denial of Service Adapts to the Evolving Attack Landscape
We explain how NGINX App Protect Denial of Service (DoS) adapts its mitigation methods in real time to protect against Layer 7 DoS attacks. By creating a model of normal user behavior and server health, it can spot deviations that signal an attack and apply customized mitigation signatures.
NGINX App Protect Denial of Service Blocks Application-Level DoS Attacks
NGINX App Protect Denial of Service (DoS) protects your modern applications against sophisticated application-level (Layer 7) DoS attacks, including GET and POST flooding, Slowloris, Slow read, slow POST, Challenge Collapsar, NAT-disguised, and targeted SSL/TLS attacks.
The mTLS Architecture in NGINX Service Mesh
Service-to-service communication among microservices puts more data on the wire compared to monoliths. Using mutual TLS (mTLS) to encrypt and authenticate that communication is crucial. Here we dive deep into the mTLS implementation in NGINX Service Mesh.
Shifting Security Tools Left for Safer Apps
Strategies for shifting security left usually ignore WAF and other traditional tools for enforcing run‑time security policies. A complete modern solution needs to include WAF, but one that fits into your CI/CD pipelines and helps smooth friction between Security and DevOps.
Mitigating Security Vulnerabilities Quickly and Easily with NGINX Plus
An often-overlooked benefit of NGINX Plus is how it makes protecting yourself against security threats quick and easy. We proactively inform NGINX Plus subscribers of security vulnerabilities and patches, provide help during attacks, support JWT and OIDC authentication, and more.
Deploying NGINX as an API Gateway, Part 2: Protecting Backend Services
In the second post in our API gateway series, Liam shows you how to batten down the hatches on your API services. You can use rate limiting, access restrictions, request size limits, and request body validation to frustrate illegitimate or overly burdensome requests.