较之单体架构的应用,微服务之间的东西向通信需要在网络上传输更多的数据。使用双向 TLS (mTLS) 加密并验证这些通信内容十分重要。这篇文章中,我们深入阐述了 NGINX Service Mesh 是如何实施 mTLS 的。
将安全防护工具左移,让应用更安全
Strategies for shifting security left usually ignore WAF and other traditional tools for enforcing run‑time security policies. A complete modern solution needs to include WAF, but one that fits into your CI/CD pipelines and helps smooth friction between Security and DevOps.
NGINX Plus 助您快速轻松地缓解安全漏洞
NGINX Plus 一个经常被忽视的优势是它可以快速轻松地保护自己免受安全威胁。我们会主动通知 NGINX Plus 订阅者安全漏洞和补丁,在受到攻击期间提供帮助,支持 JWT 和 OIDC 身份验证等。
将 NGINX 部署为 API 网关,第 2 部分:保护后端服务
在我们的 API 网关系列的第二篇文章中,Liam 向您展示了如何针对您的 API 服务可能出现的问题未雨绸缪并做好准备。您可以使用速率限制、访问限制、请求大小限制和请求正文验证来阻止非法或过于繁重的请求。缓冲区溢出
在不影响速度的同时保护云原生应用
We explore some difficulties in developing cloud-native apps, and explain how NGINX software helps you solve them by reducing tool sprawl, controlling costs with lightweight solutions, and enabling SecOps to provide DevOps with self-service security that integrates into CI/CD pipelines.
应用安全防护可以变得简单些吗?
Application security is hard, but there are some best practices to help you achieve it: automate as much as possible, build security as a guardrail instead of a gate, select solutions that provide easily understood insights, and make security adaptable, scalable, and reliable.
借助 F5 Essential App Protect 在 5 分钟内为 NGINX 设置应用安全防护即服务
F5 Essential App Protect is a simple, pay-as-you-go, SaaS-based security service for securing apps proxied by NGINX and NGINX Plus. Based on F5’s 20+ years of app security expertise, it's a DevOps-ready service that protects against the security threats faced by modern apps.
借助 NGINX Plus 实现 FIPS 合规性
We explain how to run NGINX Plus in compliance with the FIPS 140-2 Security Requirements for Cryptographic Modules standard, which specifies the cryptographic protocols that are accepted by the U.S. Federal government and many other organizations.
将 NGINX 或 NGINX Plus 与 Fortanix Self-Defending KMS 集成
With the Fortanix Self-Defending Key Management Service, you can offload TLS crytographic processing from your NGINX and NGINX Plus servers, and safely store your TLS keys for on-demand uploading into the NGINX Plus key-value store. We provide complete instructions for both use cases.
保护实时 API 的重要性
A combination of factors makes APIs rich targets for security attacks. We discuss methods for securing APIs throughout their lifecycle, from design and development through delivery, using WAFs, bot protection, API management tools, and API gateways.