We explore some difficulties in developing cloud-native apps, and explain how NGINX software helps you solve them by reducing tool sprawl, controlling costs with lightweight solutions, and enabling SecOps to provide DevOps with self-service security that integrates into CI/CD pipelines.
Can Application Security Be Pain Free?
Application security is hard, but there are some best practices to help you achieve it: automate as much as possible, build security as a guardrail instead of a gate, select solutions that provide easily understood insights, and make security adaptable, scalable, and reliable.
Setting Up App Security as-a-Service for NGINX in Under 5 Minutes with F5 Essential App Protect
F5 Essential App Protect is a simple, pay-as-you-go, SaaS-based security service for securing apps proxied by NGINX and NGINX Plus. Based on F5’s 20+ years of app security expertise, it's a DevOps-ready service that protects against the security threats faced by modern apps.
Achieving FIPS Compliance with NGINX Plus
We explain how to run NGINX Plus in compliance with the FIPS 140-2 Security Requirements for Cryptographic Modules standard, which specifies the cryptographic protocols that are accepted by the U.S. Federal government and many other organizations.
Integrating Fortanix Self-Defending KMS with NGINX and NGINX Plus
With the Fortanix Self-Defending Key Management Service, you can offload TLS crytographic processing from your NGINX and NGINX Plus servers, and safely store your TLS keys for on-demand uploading into the NGINX Plus key-value store. We provide complete instructions for both use cases.
The Importance of Securing Real-Time APIs
A combination of factors makes APIs rich targets for security attacks. We discuss methods for securing APIs throughout their lifecycle, from design and development through delivery, using WAFs, bot protection, API management tools, and API gateways.
Agile Perimeter Security with NGINX App Protect
Establishing a security perimeter around your intranet is no longer enough to protect your apps. We show how to configure NGINX App Protect to establish the perimeter around individual apps as required by today's distributed applications and Zero Trust security mode
NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities
We have released updates to NGINX Open Source and NGINX Plus to fix vulnerabilities in the HTTP/2 protocol that were announced today (CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516). Upgrade as soon as possible to NGINX 1.17.3, NGINX 1.16.1, or NGINX Plus R18 P1.
Ask NGINX | April 2019
In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add the NGINX WAF to an NGINX Plus subscription.