This practical webinar will cover techniques to build a robust security layer for your apps and APIs with a set of open-source or commercial tools. With the set of modules and tricks, everyone can get security visibility and real-time protection against OWASP Top10 attacks, bots, application abuse, and potential data leakage issues. We will provide practical methods that your Dev, Sec and Ops teams can use.

Topics covered:

• • Building a security dashboard to gain visibility of malicious traffic
  • Easy & flexible alerting with NGINX and ElasticSearch
  • Elegant analysis of web server log files for anomalies
  • Mirroring traffic for async analysis with third party tools

• • Mitigating OWASP Top10 threats (SQL injections, XXE, XSS etc.)
  • Up-to-date WAF options overview
  • Proper WAF configurations and reducing false-positives
  • Detecting information data leakage events
  • Blocking traffic from Tor, data-centers and malicious IP addresses

Protecting from bots and behavioral attacks

• • Fingerprinting and blocking bots, account take-over attacks and identifying good crawlers (Google bot, etc.)
  • Catching scrapers with hidden links and honeypot

• • How and why to add a security layer on top of NGINX Ingress controller in cloud-native environments
  • How and why to add a security layer on top of NGINX Ingress controller in cloud-native environments
  • Sidecar deployment

Wallarm Product Demo

• • Gain visibility and 360-degree protection in your multicloud environments