nginx – 페이지 35 – 지락문화예술공작단

NGINX App Protect Brings Security to the API Ecosystem

2021-03-18 KENNETH 0

NGINX App Protect Brings Security to the API Ecosystem p.block { color: #009639; font-size: 25px; line-height: 35px; font-family: Roboto; font-style: italic; position: relative; } In recent years, APIs have become the de facto approach to building the modern app economy. These software interfaces have become the predominant way to enable systems, applications, and devices to communicate and share a huge range of data and functionality. In essence, APIs have become the modern Silk Road for information and truly give the customer the power to unlock solutions that combine best-of-breed tools from various vendors. Of the organizations polled in MuleSoft’s annual Connectivity Benchmark Report, 80% use public and/or private APIs. Reported benefits include increased productivity (54%), increased innovation (47%), and cost savings (34%), among others. According to the survey, APIs also generate significant revenue for companies that publish them – on average 31% of total revenue. All [ more… ]

Introducing NGINX Instance Manager – A Tool to Track, Configure, and Monitor NGINX Open Source and NGINX Plus Instances at Scale

2021-03-17 KENNETH 0

Introducing NGINX Instance Manager – A Tool to Track, Configure, and Monitor NGINX Open Source and NGINX Plus Instances at Scale NGINX is the popular web server that powers more than 400 million websites. But it’s more than a web server – as a software‑based all-in-one load balancer, web server, API gateway, and reverse proxy designed for cloud‑native architectures, NGINX is really a Swiss Army Knife™ that accelerates your IT infrastructure and application modernization efforts. This wide‑ranging, versatile functionality can, however, lead to many NGINX instances spread across the organization, sometimes with NGINX Open Source and NGINX Plus managed by different groups. How do you track all the instances? How do you ensure they have up-to-date configuration and security settings? That’s where NGINX’s latest solution comes in – NGINX Instance Manager. NGINX Instance Manager simplifies NGINX asset management, configuration, and visibility. It is ideal [ more… ]

Shifting Security Tools Left for Safer Apps

2021-03-11 KENNETH 0

Shifting Security Tools Left for Safer Apps “Shifting security left” is not a new concept and is one that many technologists understand at a high level. It means implementing security policies and controls at early stages of the software development process and not just when apps go into production. Shifting security left requires your application developers and DevOps teams to consider security an integral part of their apps and processes (and in particular to test it at all phases of the CI/CD pipeline), and as a result fundamentally strengthens the security of your apps when they reach production. Despite the agreement on what shifting left means, controversy arises when the conversation turns to which tools and approaches are best suited to the task. Much of the public discussion focuses on tools for code scanning and automated patching, or on new [ more… ]

How to Improve Visibility in Kubernetes

2021-03-09 KENNETH 0

How to Improve Visibility in Kubernetes Adoption of microservices accelerates digital experiences, but microservices architectures can also make those experiences more fragile. While your developers are running fast to get new apps out the door, your architecture may be putting you at increased risk for outages, security exposures, and time wasted on inefficient troubleshooting or fixing preventable problems. In this second blog of our series on production‑grade Kubernetes, we examine how components that provide traffic visibility can reduce complexity and improve security in your microservices environments. Gain Visibility to Attain Insight First, let’s look at a couple of definitions: Visibility – The state of being able to see or be seen Insight – A deep understanding of a person or thing In a 2020 survey from StackRox, 75% of Kubernetes users identified visibility as a “must‑have” capability. We agree that visibility is key in [ more… ]

NGINX Announces Sponsorship of the OWASP ModSecurity CRS Project

2021-03-05 KENNETH 0

NGINX Announces Sponsorship of the OWASP ModSecurity CRS Project NGINX, a part of F5, Inc., is pleased to announce that we have become the first Gold sponsor of the OWASP ModSecurity Core Rule Set (CRS) project. The CRS is a set of web application firewall (WAF) rules which detect many kinds of attacks, including the OWASP Top Ten, with a minimum of false positives. Distributed under an open source license, the CRS is designed for use with ModSecurity – the world’s most popular open source WAF – and compatible WAFs. As the most widely used WAF rule set on the Internet, the CRS processes more than 100 terabits of traffic every second all over the globe. The ModSecurity WAF for NGINX Open Source natively supports the CRS. For details on enabling the CRS with the ModSecurity WAF, see our documentation. With our deep roots [ more… ]