AppSec California 2019

NGINX is a very flexible platform that can be enhanced with strong security capabilities -- if you know what components you need and how to cook them. With our set of modules and tricks, everyone can get security visibility and real-time protection against OWASP Top10 attacks, bots, application abuse and potential data leakage issues. We will provide practical methods that your Dev, Sec and Ops teams can use whether NGINX is deployed as an ingress controller, an API gateway, a load balancer or an application server.

# Alerting and visibility
- Building a security dashboard to gain visibility of malicious traffic
- Easy & flexible alerting with NGINX and ElasticSearch
- Elegant analysis of web server log files for anomalies
- Mirroring traffic for async analysis with 3rd party tools

# APIs and microservices security
- Mitigating OWASP Top10 threats (SQL injections, XXE, XSS etc.)
- Up-to-date WAF options overview
- Proper WAF configurations and reducing false-positives.
- Detecting information data leakage events.
- Blocking traffic from Tor, data-centers and malicious IP addresses

# Protecting from bots and behavioral attacks
- Fingerprinting and blocking bots, account take-over attacks and identifying good crawlers (Google bot, etc).
- Catching scrapers with hidden links and honeypots.

# Ingress security:
- How and why to add a security layer on top of NGINX Ingress controller in cloud-native environments.