The NGINX Controller App Security add-on for Controller API Management provides an app-centric, self-service way for app teams to boost their API security with integrated WAF protection. Security teams can still define policies and monitor APIs for compliance.
使用 NGINX App Protect 保护 Kubernetes 中的应用
依托于 NGINX Plus Ingress Controller for Kubernetes 版本 1.8.0,您可以将 NGINX App Protect WAF 嵌入到 Ingress Controller 中。这使 WAF 的保护更接近应用,这在 Kubernetes 等现代应用环境中至关重要。它还可以实现自动化并降低复杂性和成本。
Defending Applications from Complex and Modern Attacks
Layer 7 DoS attacks are a new and increasingly common threat to app performance and security. You need protection that integrates easily into your infrastructure and CI/CD pipelines, learns from observing user and app behavior, and doesn't affect performance even during an attack.
NGINX App Protect Denial of Service 如何适应不断演变的攻击态势
本文介绍了 NGINX App Protect Denial of Service (DoS) 如何通过实时调整缓解方法来抵御七层 DoS 攻击。通过创建一个包含正常用户行为和服务器健康状况的模型,NAP 可以通过模型的异常偏差发现攻击行为,并应用自定义的缓解特征库。
NGINX App Protect Denial of Service Blocks Application-Level DoS Attacks
NGINX App Protect Denial of Service (DoS) protects your modern applications against sophisticated application-level (Layer 7) DoS attacks, including GET and POST flooding, Slowloris, Slow read, slow POST, Challenge Collapsar, NAT-disguised, and targeted SSL/TLS attacks.
NGINX Service Mesh 中的 mTLS 架构
较之单体架构的应用,微服务之间的东西向通信需要在网络上传输更多的数据。使用双向 TLS (mTLS) 加密并验证这些通信内容十分重要。这篇文章中,我们深入阐述了 NGINX Service Mesh 是如何实施 mTLS 的。
Shifting Security Tools Left for Safer Apps
Strategies for shifting security left usually ignore WAF and other traditional tools for enforcing run‑time security policies. A complete modern solution needs to include WAF, but one that fits into your CI/CD pipelines and helps smooth friction between Security and DevOps.
NGINX Plus 助您快速轻松地缓解安全漏洞
NGINX Plus 一个经常被忽视的优势是它可以快速轻松地保护自己免受安全威胁。我们会主动通知 NGINX Plus 订阅者安全漏洞和补丁,在受到攻击期间提供帮助,支持 JWT 和 OIDC 身份验证等。
将 NGINX 部署为 API 网关,第 2 部分:保护后端服务
在我们的 API 网关系列的第二篇文章中,Liam 向您展示了如何针对您的 API 服务可能出现的问题未雨绸缪并做好准备。您可以使用速率限制、访问限制、请求大小限制和请求正文验证来阻止非法或过于繁重的请求。缓冲区溢出
Secure Cloud-Native Apps Without Losing Speed
We explore some difficulties in developing cloud-native apps, and explain how NGINX software helps you solve them by reducing tool sprawl, controlling costs with lightweight solutions, and enabling SecOps to provide DevOps with self-service security that integrates into CI/CD pipelines.