This practical webinar will cover techniques to build a robust security layer for your apps and APIs with a set of open-source or commercial tools. With the set of modules and tricks, everyone can get security visibility and real-time protection against OWASP Top10 attacks, bots, application abuse, and potential data leakage issues. We will provide practical methods that your Dev, Sec and Ops teams can use.

Alerting and visibility

• Building a security dashboard to gain visibility of malicious traffic
• Easy & flexible alerting with NGINX and ElasticSearch
• Elegant analysis of web server log files for anomalies
• Mirroring traffic for async analysis with 3rd party tools

APIs and microservices security

• Mitigating OWASP Top10 threats (A1:injections, A4:XXE, A7:XSS etc.)
• Up-to-date WAF options overview
• Proper WAF configurations and reducing false-positives
• Detecting information data leakage events.
• Blocking traffic from Tor, data-centers and malicious IP addresses

Protecting from bots and behavioral attacks

• Fingerprinting and blocking bots, account take-over attacks and identifying good crawlers (Google bot, etc)
• Catching scrapers with hidden links and honeypots
  
  

Protecting APIs and microservices in your Kubernetes environments

• How and why to add a security layer on top of NGINX Ingress controller in cloud-native environments
• Sidecar deployment

Wallarm Product Demo

• Gain visibility and 360-degree protection in your multi-cloud environments

Learn more:

• ‍Web API Security Guide