NI
Uploaded byNGINX, Inc.
PDF, PPTX297 views

What's New with NGINX Application Security Solutions

The document provides an overview of F5's NGINX app security solutions, highlighting new features for modern application protection such as integrated security for microservices, containers, and APIs. It emphasizes the importance of embedding security into the development pipeline and offers tools for policy management and performance optimization. The NGINX Controller App Security is designed to simplify operations and enhance security across multi-cloud environments, facilitating easier security policy deployment and management.

Software
Related topics:
Application Security
Download as PDF, PPTX
NGINX App Security Solutions Update DAPHNE WON ISAAC NOUMBA DANIEL EDGAR
| ©2021 F5 2 Agenda • NGINX App Security Solutions Overview • NGINX App Protect: New features for protection of modern apps • NGINX Controller App Security • Q&A
| ©2021 F5 NETWORKS 3 F5/NGINX is delivering on the promise of Adaptive Apps BIG-IP NGINX BIG-IP + NGINX + SHAPE BEACON & AI Simplifying traditional app delivery for multi-cloud environments Enabling modern app delivery at scale Securing every app anywhere Unlocking the value of app insights Web app firewall Secure access App/web server Anti-fraud & anti-bot Denial of service Ingress controller API gateway Load balancer APPLICATION SECURITY APPLICATION DELIVERY APPLICATION INSIGHTS TELEMETRY
| ©2021 F5 NETWORKS 4 Tackle Your Application Security Challenges Embed Security Policy Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Gain Security Insights Security tools that go beyond alerts with intelligent security insights about your apps and APIs.
| ©2021 F5 NETWORKS 5 Tackle your application security challenges Security policies and protections are optimized for DevOps workflow. Deploy and manage app security controls across distributed environments. NGINX & F5 Investments Embed Security Policy Into Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Gain Security Insights Security tools that go beyond alerts with intelligent security insights about your apps and APIs. Centralized visibility and insights dig into the root cause of application issues.
| ©2021 F5 NETWORKS 6 NGINX Controller App Security (Available Now for Controller ADC) (Coming soon for Controller API-Management)) NGINX App Security Offer Summary NGINX App Protect DOS NGINX App Protect WAF ModSecurity for NGINX Plus ModSecurity OSS à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
| ©2021 F5 7 NGINX App Protect Update
| ©2021 F5 NETWORKS 8 NGINX Plus routes, hardens, and secures your apps and APIs. Decentralized, best-of-breed tools that developers need for agility. Deployed as specific “flavors” optimized for application, API, and Kubernetes environments. Microservices Control Plane Kubernetes Ingress Controller Service Mesh NGINX Ingress Controller NGINX Service Mesh CODE CUSTOMER Data Plane Web Server / Reverse Proxy API Gateway Load Balancer CDN NGINX Plus Bare Metal | Containers | VMs | Private Cloud | Public Cloud | Hybrid Cloud | Multi-Cloud App
| ©2021 F5 NETWORKS 9 Microservices Control Plane Kubernetes Ingress Controller Service Mesh NGINX Ingress Controller NGINX Service Mesh CODE CUSTOMER Data Plane Web Server / Reverse Proxy API Gateway Load Balancer CDN NGINX Plus Data Plane Security NGINX App Protect DoS WAF Bare Metal | Containers | VMs | Private Cloud | Public Cloud | Hybrid Cloud | Multi-Cloud App Adding in NGINX App Protect Strong app security Built for modern app architectures CI/CD Friendly
| ©2021 F5 10 Tools Recently Introduced for App Protect WAF CONFIDENTIAL Policy Converter Converts BIG-IP XML format ASM/AWAF security policy to App Protect JSON declarative format Policy Exporter Exports a fully-populated JSON policy with applied settings from the base template Signature Report Tool Exports signature metadata of the signatures installed on a system User-defined Signatures Converter Converts ASM/AWAF user-defined signatures to App Protect JSON format Repo of tools demo: https://github.com/aknot242/app-protect-tools
| ©2021 F5 11 Demo: Policy Conversion & Signature Report
| ©2021 F5 NETWORKS 12 API Security Features • JSON Schema Enforcement • OpenAPI/Swagger Enforcement • gRPC Protofile Enforcement
| ©2021 F5 13 Demo: Open API & gRPC Protection
| ©2021 F5 14 NGINX Controller App Security
| ©2021 F5 NETWORKS 15 NGINX Controller automates application infrastructure-as-code. Manages apps and APIs centrally to simplify operations and security… … accelerating time-to-market without introducing complexity. Simplify code to customer | Respond with intelligent insights | Empower with self-service
| ©2021 F5 NETWORKS 16 NGINX Controller App Security
| ©2021 F5 NETWORKS 17 App Security Add-on for Controller ADC F5/NGINX CONFIDENTIAL Multi-cloud, Multi-instance Management App-centric, Self-Service WAF Enablement App Protection App-centric Feedback Loop Visibility and Insights WAF Policy Tuning • Management across environments and clouds • Data plane type: customer managed-lifecycle instances on virtual machines • App (component) level WAF enablement via same declarative Controller ADC API and Controller UI • Lightweight WAF traffic service (NGINX App Protect) • Out–of-the-box default policy for protection for low false positives Using default policy: • OWASP Top 10 protection • Malformed cookie, JSON, XML • Response status code checks, file type checks • HTTP RFC compliance, evasion techniques • WAF outcome stats & WAF violation events using Controller Analytics API • Top WAF threats • WAF events and Metrics with WAF dimensions forwarding to Splunk, Datadog, syslog servers • Top signatures for false positives investigations • Blocking or monitor-only enforcement modes • Signature disabling at App Component (URIs)
| ©2021 F5 NETWORKS 18 F5/NGINX is delivering on the promise of Adaptive Apps BIG-IP NGINX BIG-IP + NGINX + SHAPE BEACON & AI Simplifying traditional app delivery for multi-cloud environments Enabling modern app delivery at scale Securing every app anywhere Unlocking the value of app insights Web app firewall Secure access App/web server Anti-fraud & anti-bot Denial of service Ingress controller API gateway Load balancer APPLICATION SECURITY APPLICATION DELIVERY APPLICATION INSIGHTS TELEMETRY F5 WAF Technology F5 WAF Technology F5 WAF Technology
| ©2021 F5 NETWORKS 19 “Bring You Own” Custom NGINX App Protect Policy Use Cases NGINX App Protect WAF migrates to Controller App Security 2 1 adds + Controller App Security NGINX App Protect migrating to Controller for simplified management and out of the box insights F5 Advanced WAF or ASM customers adding Controller for protecting modern apps F5 Advanced WAF
| ©2021 F5 NETWORKS 20 BYO NAP Policy: Pass Declarative JSON Policy To Controller F5/NGINX CONFIDENTIAL Custom NGINX App Protect Declarative JSON API GUI NGINX Controller App Security Add-on
| ©2021 F5 21 CONFIDENTIAL Controller BYO NGINX App Protect Policy Demo
| ©2021 F5 22 NGINX Controller App Security (Available Now for Controller ADC) (Coming soon for Controller API-Management)) NGINX App Security Offer Summary NGINX App Protect DOS NGINX App Protect WAF ModSecurity for NGINX Plus ModSecurity OSS à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
| ©2021 F5 NETWORKS 23 Want to Learn More? NGINX App Protect 1. Request a free trial of NGINX App Protect https://www.nginx.com/free-trial-request/ 2. Learn more https://www.nginx.com/products/nginx-app-protect/ NGINX Controller (including Controller App Security) 1. Request a free trial of NGINX Controller https://www.nginx.com/free-trial-request-nginx-controller/ 2. Learn more https://www.nginx.com/products/nginx-controller/
| ©2021 F5 NETWORKS 24 Q&A
| ©2021 F5 25 Thank you

More Related Content

PDF
Monitoring NGINX Deployments with Sumo Logic
byNGINX, Inc.
 
PDF
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
PPTX
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 
PDF
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
byNGINX, Inc.
 
PDF
Découvrez NGINX AppProtect
byNGINX, Inc.
 
PDF
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PDF
Nim tames sprawl
byNGINX, Inc.
 
PDF
Application Security with NGINX | APAC
byNGINX, Inc.
 
Monitoring NGINX Deployments with Sumo Logic
byNGINX, Inc.
 
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
byNGINX, Inc.
 
Découvrez NGINX AppProtect
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
Nim tames sprawl
byNGINX, Inc.
 
Application Security with NGINX | APAC
byNGINX, Inc.
 

What's hot

PPTX
Controller and Coffee: Deliver APIs in Real Time with API Management
byNGINX, Inc.
 
PPTX
Extend DevOps to Your SQL Server Databases
byRed Gate Software
 
PPTX
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PPTX
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
PDF
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
byNGINX, Inc.
 
PPTX
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
PDF
Fundamentals of microservices
byNGINX, Inc.
 
PPTX
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 
PDF
Application Security with NGINX
byNGINX, Inc.
 
PDF
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
byNGINX, Inc.
 
PPTX
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
PPTX
Revolutionising IT Agility
byNGINX, Inc.
 
PDF
Secured APIM-as-a-Service
byNGINX, Inc.
 
PPTX
Deployment Patterns for API gateways
byNGINX, Inc.
 
PDF
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
PPTX
NGINX Unit at Scale: Use Cases and the Future of Unit
byNGINX, Inc.
 
PDF
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
PDF
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero
byNGINX, Inc.
 
PPTX
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 
PDF
Why CIOs Need Real-Time APIs to Drive Competitive Digital Businesses
byNGINX, Inc.
 
Controller and Coffee: Deliver APIs in Real Time with API Management
byNGINX, Inc.
 
Extend DevOps to Your SQL Server Databases
byRed Gate Software
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ
byNGINX, Inc.
 
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
Fundamentals of microservices
byNGINX, Inc.
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 
Application Security with NGINX
byNGINX, Inc.
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
byNGINX, Inc.
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
Revolutionising IT Agility
byNGINX, Inc.
 
Secured APIM-as-a-Service
byNGINX, Inc.
 
Deployment Patterns for API gateways
byNGINX, Inc.
 
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
NGINX Unit at Scale: Use Cases and the Future of Unit
byNGINX, Inc.
 
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
Deploy and Secure Your API Gateway with NGINX: From Zero to Hero
byNGINX, Inc.
 
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 
Why CIOs Need Real-Time APIs to Drive Competitive Digital Businesses
byNGINX, Inc.
 

Similar to What's New with NGINX Application Security Solutions

PDF
Nginx app protect-for-meetup-v1.0-202006_lk
byJuraj Hantak
 
PPTX
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
PDF
Secure Your Kubernetes Apps from Attacks with NGINX
byNGINX, Inc.
 
PPTX
Gain multi-cloud versatility with software load balancing designed for cloud-...
byAshnikbiz
 
PDF
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
PPTX
Modernizing Applications by Replacing F5 with the NGINX Application Delivery ...
byNGINX, Inc.
 
PDF
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
PPTX
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
PDF
NGINX DevSecOps Workshop
byNGINX, Inc.
 
PDF
Call of Duty: Warzone for Windows With Crack Free Download 2025
byIobit Uninstaller Pro Crack
 
PDF
Grand Theft Auto 6 PC Game Cracked Full Setup Download
byIobit Uninstaller Pro Crack
 
PDF
SamFw Tool v4.9 Samsung Frp Tool Free Download
byIobit Uninstaller Pro Crack
 
PDF
IObit Uninstaller Pro Crack {2025} Download Free
byIobit Uninstaller Pro Crack
 
PPTX
Replacing and Augmenting F5 BIG-IP with NGINX Plus
byNGINX, Inc.
 
PPTX
Secure Your Apps with NGINX Plus and the ModSecurity WAF
byNGINX, Inc.
 
PDF
Replacing and Augmenting F5 BIG-IP with NGINX Plus - EMEA
byNGINX, Inc.
 
PPTX
NGINX Kubernetes Ingress Controller: Getting Started – EMEA
byAine Long
 
PDF
From Code to Customer with F5 and NGNX London Nov 19
byNGINX, Inc.
 
PPTX
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
PDF
Making App Security and Delivery Ridiculously Easy
byCristian Garcia G.
 
Nginx app protect-for-meetup-v1.0-202006_lk
byJuraj Hantak
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
byOlivia LaMar
 
Secure Your Kubernetes Apps from Attacks with NGINX
byNGINX, Inc.
 
Gain multi-cloud versatility with software load balancing designed for cloud-...
byAshnikbiz
 
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
Modernizing Applications by Replacing F5 with the NGINX Application Delivery ...
byNGINX, Inc.
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
NGINX DevSecOps Workshop
byNGINX, Inc.
 
Call of Duty: Warzone for Windows With Crack Free Download 2025
byIobit Uninstaller Pro Crack
 
Grand Theft Auto 6 PC Game Cracked Full Setup Download
byIobit Uninstaller Pro Crack
 
SamFw Tool v4.9 Samsung Frp Tool Free Download
byIobit Uninstaller Pro Crack
 
IObit Uninstaller Pro Crack {2025} Download Free
byIobit Uninstaller Pro Crack
 
Replacing and Augmenting F5 BIG-IP with NGINX Plus
byNGINX, Inc.
 
Secure Your Apps with NGINX Plus and the ModSecurity WAF
byNGINX, Inc.
 
Replacing and Augmenting F5 BIG-IP with NGINX Plus - EMEA
byNGINX, Inc.
 
NGINX Kubernetes Ingress Controller: Getting Started – EMEA
byAine Long
 
From Code to Customer with F5 and NGNX London Nov 19
byNGINX, Inc.
 
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
Making App Security and Delivery Ridiculously Easy
byCristian Garcia G.
 

More from NGINX, Inc.

PDF
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
PDF
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
PDF
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
PPTX
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
PPTX
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
PDF
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
PDF
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
PDF
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
PDF
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
PDF
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
PDF
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
PDF
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
PPTX
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
PPTX
NGINX Kubernetes API
byNGINX, Inc.
 
PPTX
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
PPTX
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
PPTX
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
PPTX
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
PDF
Kubernetes環境で実現するWebアプリケーションセキュリティ
byNGINX, Inc.
 
PDF
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
byNGINX, Inc.
 
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
NGINX Kubernetes API
byNGINX, Inc.
 
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
Kubernetes環境で実現するWebアプリケーションセキュリティ
byNGINX, Inc.
 
Software Delivery and the Rube Goldberg Machine: What Is the Problem We Are T...
byNGINX, Inc.
 

Recently uploaded

PDF
Top Tech Stacks for Developing Scalable Social Networking Apps.pdf
byOlivia Rose
 
PDF
Test Driven Development with mORMot 2 with Delphi and FPC
byArnaud Bouchez
 
PDF
VADY GenAI Dashboards: From KPIs to Executive-Ready Decisions in Seconds
byNewFangledVision
 
PPTX
White Label Travel Portal Solutions for B2C, B2B & B2E
byRayds Services Limited
 
PPTX
The Impact of GST on Medicine and the Healthcare Sector
byMarg Books
 
PPTX
Foundations of Marketo Engage - Professional Exam Preparation - October 2025
bybbedford2
 
PDF
GMIS 2025 - CAHSI ML Workshop By Dr. Lynne Grewe
byugoti
 
PPTX
Trailblazer Community Session - Patterns & Anti-Patterns_ The Good, The Bad, ...
bymansoorahmad941764
 
PDF
Dr. Robert Krug - A Data Science Veteran
byDr. Robert Krug
 
DOCX
Digital Dominance_ Why You Need a Top Web Design Agency in Dubai.docx
bydigpal3
 
PDF
How to Find an App Developer in Phoenix.pdf
byNet-Craft.com
 
PDF
Improving Customer Experience with Einstein AI and Salesforce Data Cloud
byMinuscule Technologies
 
PDF
Evolution and Examples of Java Features, from Java 1.7 to Java 25
byYann-Gaël Guéhéneuc
 
PDF
Comprehensive Logging with mORMot 2 on Delphi and FPC
byArnaud Bouchez
 
PPTX
What is the Best BI Tool for Real-Time Data Exploration Beyond Tableau.pptx
byVarsha Nayak
 
PDF
Workshop about mORMot 2 during EKON: write a clean-architecture TDD sample
byArnaud Bouchez
 
PDF
Building with AI using Local & Cloud-based AI IDE: Evaluation-Driven Developm...
byKunal Suri
 
PDF
AI and Generative AI: Dual-Use Risks and Autonomous Threats.pdf
byCyberneticGI
 
PPTX
LangSmith_and_LLM_Evaluation_Session 1.pptx
bymdqansari1
 
PDF
ICTlecture2 for 1st Semester Students of BS(CS)
bySirRafiLectures
 
Top Tech Stacks for Developing Scalable Social Networking Apps.pdf
byOlivia Rose
 
Test Driven Development with mORMot 2 with Delphi and FPC
byArnaud Bouchez
 
VADY GenAI Dashboards: From KPIs to Executive-Ready Decisions in Seconds
byNewFangledVision
 
White Label Travel Portal Solutions for B2C, B2B & B2E
byRayds Services Limited
 
The Impact of GST on Medicine and the Healthcare Sector
byMarg Books
 
Foundations of Marketo Engage - Professional Exam Preparation - October 2025
bybbedford2
 
GMIS 2025 - CAHSI ML Workshop By Dr. Lynne Grewe
byugoti
 
Trailblazer Community Session - Patterns & Anti-Patterns_ The Good, The Bad, ...
bymansoorahmad941764
 
Dr. Robert Krug - A Data Science Veteran
byDr. Robert Krug
 
Digital Dominance_ Why You Need a Top Web Design Agency in Dubai.docx
bydigpal3
 
How to Find an App Developer in Phoenix.pdf
byNet-Craft.com
 
Improving Customer Experience with Einstein AI and Salesforce Data Cloud
byMinuscule Technologies
 
Evolution and Examples of Java Features, from Java 1.7 to Java 25
byYann-Gaël Guéhéneuc
 
Comprehensive Logging with mORMot 2 on Delphi and FPC
byArnaud Bouchez
 
What is the Best BI Tool for Real-Time Data Exploration Beyond Tableau.pptx
byVarsha Nayak
 
Workshop about mORMot 2 during EKON: write a clean-architecture TDD sample
byArnaud Bouchez
 
Building with AI using Local & Cloud-based AI IDE: Evaluation-Driven Developm...
byKunal Suri
 
AI and Generative AI: Dual-Use Risks and Autonomous Threats.pdf
byCyberneticGI
 
LangSmith_and_LLM_Evaluation_Session 1.pptx
bymdqansari1
 
ICTlecture2 for 1st Semester Students of BS(CS)
bySirRafiLectures
 

What's New with NGINX Application Security Solutions

  • 1.
    NGINX App Security Solutions Update DAPHNEWON ISAAC NOUMBA DANIEL EDGAR
  • 2.
    | ©2021 F5 2 Agenda •NGINX App Security Solutions Overview • NGINX App Protect: New features for protection of modern apps • NGINX Controller App Security • Q&A
  • 3.
    | ©2021 F5NETWORKS 3 F5/NGINX is delivering on the promise of Adaptive Apps BIG-IP NGINX BIG-IP + NGINX + SHAPE BEACON & AI Simplifying traditional app delivery for multi-cloud environments Enabling modern app delivery at scale Securing every app anywhere Unlocking the value of app insights Web app firewall Secure access App/web server Anti-fraud & anti-bot Denial of service Ingress controller API gateway Load balancer APPLICATION SECURITY APPLICATION DELIVERY APPLICATION INSIGHTS TELEMETRY
  • 4.
    | ©2021 F5NETWORKS 4 Tackle Your Application Security Challenges Embed Security Policy Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Gain Security Insights Security tools that go beyond alerts with intelligent security insights about your apps and APIs.
  • 5.
    | ©2021 F5NETWORKS 5 Tackle your application security challenges Security policies and protections are optimized for DevOps workflow. Deploy and manage app security controls across distributed environments. NGINX & F5 Investments Embed Security Policy Into Your Pipeline Integrate security controls directly into your pipeline with security as code. Secure Modern Apps Strong security controls for microservices, containers, APIs, and other modern topologies. Gain Security Insights Security tools that go beyond alerts with intelligent security insights about your apps and APIs. Centralized visibility and insights dig into the root cause of application issues.
  • 6.
    | ©2021 F5NETWORKS 6 NGINX Controller App Security (Available Now for Controller ADC) (Coming soon for Controller API-Management)) NGINX App Security Offer Summary NGINX App Protect DOS NGINX App Protect WAF ModSecurity for NGINX Plus ModSecurity OSS à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
  • 7.
    | ©2021 F5 7 NGINXApp Protect Update
  • 8.
    | ©2021 F5NETWORKS 8 NGINX Plus routes, hardens, and secures your apps and APIs. Decentralized, best-of-breed tools that developers need for agility. Deployed as specific “flavors” optimized for application, API, and Kubernetes environments. Microservices Control Plane Kubernetes Ingress Controller Service Mesh NGINX Ingress Controller NGINX Service Mesh CODE CUSTOMER Data Plane Web Server / Reverse Proxy API Gateway Load Balancer CDN NGINX Plus Bare Metal | Containers | VMs | Private Cloud | Public Cloud | Hybrid Cloud | Multi-Cloud App
  • 9.
    | ©2021 F5NETWORKS 9 Microservices Control Plane Kubernetes Ingress Controller Service Mesh NGINX Ingress Controller NGINX Service Mesh CODE CUSTOMER Data Plane Web Server / Reverse Proxy API Gateway Load Balancer CDN NGINX Plus Data Plane Security NGINX App Protect DoS WAF Bare Metal | Containers | VMs | Private Cloud | Public Cloud | Hybrid Cloud | Multi-Cloud App Adding in NGINX App Protect Strong app security Built for modern app architectures CI/CD Friendly
  • 10.
    | ©2021 F5 10 ToolsRecently Introduced for App Protect WAF CONFIDENTIAL Policy Converter Converts BIG-IP XML format ASM/AWAF security policy to App Protect JSON declarative format Policy Exporter Exports a fully-populated JSON policy with applied settings from the base template Signature Report Tool Exports signature metadata of the signatures installed on a system User-defined Signatures Converter Converts ASM/AWAF user-defined signatures to App Protect JSON format Repo of tools demo: https://github.com/aknot242/app-protect-tools
  • 11.
    | ©2021 F5 11 Demo:Policy Conversion & Signature Report
  • 12.
    | ©2021 F5NETWORKS 12 API Security Features • JSON Schema Enforcement • OpenAPI/Swagger Enforcement • gRPC Protofile Enforcement
  • 13.
    | ©2021 F5 13 Demo:Open API & gRPC Protection
  • 14.
    | ©2021 F5 14 NGINXController App Security
  • 15.
    | ©2021 F5NETWORKS 15 NGINX Controller automates application infrastructure-as-code. Manages apps and APIs centrally to simplify operations and security… … accelerating time-to-market without introducing complexity. Simplify code to customer | Respond with intelligent insights | Empower with self-service
  • 16.
    | ©2021 F5NETWORKS 16 NGINX Controller App Security
  • 17.
    | ©2021 F5NETWORKS 17 App Security Add-on for Controller ADC F5/NGINX CONFIDENTIAL Multi-cloud, Multi-instance Management App-centric, Self-Service WAF Enablement App Protection App-centric Feedback Loop Visibility and Insights WAF Policy Tuning • Management across environments and clouds • Data plane type: customer managed-lifecycle instances on virtual machines • App (component) level WAF enablement via same declarative Controller ADC API and Controller UI • Lightweight WAF traffic service (NGINX App Protect) • Out–of-the-box default policy for protection for low false positives Using default policy: • OWASP Top 10 protection • Malformed cookie, JSON, XML • Response status code checks, file type checks • HTTP RFC compliance, evasion techniques • WAF outcome stats & WAF violation events using Controller Analytics API • Top WAF threats • WAF events and Metrics with WAF dimensions forwarding to Splunk, Datadog, syslog servers • Top signatures for false positives investigations • Blocking or monitor-only enforcement modes • Signature disabling at App Component (URIs)
  • 18.
    | ©2021 F5NETWORKS 18 F5/NGINX is delivering on the promise of Adaptive Apps BIG-IP NGINX BIG-IP + NGINX + SHAPE BEACON & AI Simplifying traditional app delivery for multi-cloud environments Enabling modern app delivery at scale Securing every app anywhere Unlocking the value of app insights Web app firewall Secure access App/web server Anti-fraud & anti-bot Denial of service Ingress controller API gateway Load balancer APPLICATION SECURITY APPLICATION DELIVERY APPLICATION INSIGHTS TELEMETRY F5 WAF Technology F5 WAF Technology F5 WAF Technology
  • 19.
    | ©2021 F5NETWORKS 19 “Bring You Own” Custom NGINX App Protect Policy Use Cases NGINX App Protect WAF migrates to Controller App Security 2 1 adds + Controller App Security NGINX App Protect migrating to Controller for simplified management and out of the box insights F5 Advanced WAF or ASM customers adding Controller for protecting modern apps F5 Advanced WAF
  • 20.
    | ©2021 F5NETWORKS 20 BYO NAP Policy: Pass Declarative JSON Policy To Controller F5/NGINX CONFIDENTIAL Custom NGINX App Protect Declarative JSON API GUI NGINX Controller App Security Add-on
  • 21.
    | ©2021 F5 21CONFIDENTIAL Controller BYO NGINX App Protect Policy Demo
  • 22.
    | ©2021 F5 22 NGINXController App Security (Available Now for Controller ADC) (Coming soon for Controller API-Management)) NGINX App Security Offer Summary NGINX App Protect DOS NGINX App Protect WAF ModSecurity for NGINX Plus ModSecurity OSS à Compliance Requirements – Higher Performance – Easier Tuning à Individual App/ Infrastructure Emphasis Enterprise Emphasis w/ App Centric Controls and DevOps Ease of Use Free
  • 23.
    | ©2021 F5NETWORKS 23 Want to Learn More? NGINX App Protect 1. Request a free trial of NGINX App Protect https://www.nginx.com/free-trial-request/ 2. Learn more https://www.nginx.com/products/nginx-app-protect/ NGINX Controller (including Controller App Security) 1. Request a free trial of NGINX Controller https://www.nginx.com/free-trial-request-nginx-controller/ 2. Learn more https://www.nginx.com/products/nginx-controller/
  • 24.
    | ©2021 F5NETWORKS 24 Q&A
  • 25.