With NGINX Controller App Security for version 3.20 of the Application Delivery Module, you can now import your custom F5 Advanced WAF and NGINX App Protect WAF policies and distribute them across all your managed deployments. We call this Bring Your Own NGINX App Protect WAF Policy.
Modern DoS attacks against application logic at Layer 7 are hidden in encrypted channels, making them hard to detect. NGINX App Protect Denial of Service measures client behavior and server stress to detect and mitigate Layer 7 DoS attacks.
Despite the emergence of DevSecOps, security teams still seem to lag behind the pace of DevOps. Platform Ops can be the solution, where security teams provide self‑service, consumable policies to development teams. Find out how the NGINX suite of security products can help.
NGINX, a part of F5, Inc., is pleased to announce that we have become the first Gold sponsor of the OWASP ModSecurity Core Rule Set (CRS) project. We look forward to working with the CRS team and helping ensure the CRS project’s long-term success.
We explain how NGINX Controller App Security for application delivery provides threat visibility and actionable analytics, enabling SecOps to prevent potential threats, respond in a timely way, and mitigate false positives, resulting in an improved app security posture.
We introduce the NGINX Controller App Security add-on for Controller Application Delivery, which provides an app-centric, self-service way for app teams to enable WAF protection for their apps, while security teams can still define policies and monitor apps for compliance.
We provide guidance on where to deploy application services in a Kubernetes environment, using WAF as an example. Depending on your needs, it can make sense to deploy your WAF at the "front door" of the environment, on the Ingress Controller, per-service, or per-Pod.
The overall solution to security can be complicated, but the most important piece of the puzzle is a web application firewall (WAF).
With NGINX App Protect, you no longer have to choose between security and performance. It combines the proven effectiveness of F5’s advanced WAF technology with the agility and performance of NGINX Plus, to address the security challenges facing modern DevOps environments.