Name: Reference Designs for Application Security in Kubernetes - Ep 13
Start: 2023-01-26T10:00:00Z
End: 2023-01-26T10:56:27.000Z
Location: BrightTALK
Rating: 5

F5 application services ensure that applications are always secure and perform the way they should—in any environment and on any device. 

F5 EMEA hosts webinar series on the latest IT industry trends around app services and security, so please stay tuned to this channel to get the latest information.  
 
To learn more about F5, visit f5.com or follow @F5_EMEA on Twitter.

The unprecedented disruption over the last couple of years has structurally altered the composition and defining characteristics of the enterprise IT landscape. Cloud has emerged as the undisputed engine powering the notion of a future-ready Digital, Distributed Enterprise (DDE).

The DDE will be characterised by extensive usage of cloud-centric technologies and environments, ubiquitous infrastructure and workload deployment options, and highly automated IT operations as it embarks on the next stage of its digital journey.

A common cross-cloud platform that provides a common abstraction layer to automate, orchestrate and manage across the distributed, multi- and hybrid-cloud environment is key to realising the vision of a DDE.

This IDC InfoBrief, sponsored by F5, explores one of the three key capabilities that are key to building a DDE.

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

Securing the Digital, Distributed Enterprise

Learn how you can deploy and consume F5 Distributed Cloud Services closer to your apps, either on premises or in private and public clouds, by leveraging the Customer Edge concept. While the operational model is identical to the one explained in the previous sessions, the deployment model is different. 

F5 Demo Days – Experience F5’s comprehensive, easy-to-use SaaS security solution 

F5 Distributed Cloud Services are SaaS-based security, networking, and application management services that enable customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed – data center, multi-cloud, or the network edge. 

In a series of six short demo sessions, we’ll be demonstrating the power of the F5 Distributed Cloud Web Application and API Protection (WAAP) solution and how easy it is to enable security services, including SaaS-based WAF, API security, bot defence, and DDoS mitigation. 

By watching this demo session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services, but you can unsubscribe at any time

Decentralising WAAPaaS with Customer Edge - Ep 6

Organisations need a dynamic platform consolidating networking, security, application delivery and cloud-native services, to simplify operations. This episode will shine the spotlight on cross-cloud management and operations, with a new focus on centralising observability and the benefits it can bring to AIOps.

This IDC InfoBrief, sponsored by F5, explores one of the three key capabilities that are key to building a DDE.

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

Running The Digital, Distributed Cloud

Get insights into how F5 Distributed Cloud Services can help simplify bot and automated threat protection. We will demonstrate how our embedded AI engine makes detection and protection highly accurate. 

F5 Demo Days – Experience F5’s comprehensive, easy-to-use SaaS security solution 

F5 Distributed Cloud Services are SaaS-based security, networking, and application management services that enable customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed – data centre, multi-cloud, or the network edge. 

In a series of six short demo sessions, we’ll be demonstrating the power of the F5 Distributed Cloud Web Application and API Protection (WAAP) solution and how easy it is to enable security services, including SaaS-based WAF, API security, bot defence, and DDoS mitigation. 

 By watching this demo session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services, but you can unsubscribe at any time

Blocking Automated Threats and Smart Bots - Ep 5

The unprecedented disruption over the last couple of years has structurally altered the composition and defining characteristics of the enterprise IT landscape. Cloud has emerged as the undisputed engine powering the notion of a future-ready Digital, Distributed Enterprise (DDE).

The DDE will be characterised by extensive usage of cloud-centric technologies and environments, ubiquitous infrastructure and workload deployment options, and highly automated IT operations as it embarks on the next stage of its digital journey.

A common cross-cloud platform that provides a common abstraction layer to automate, orchestrate and manage across the distributed, multi- and hybrid-cloud environment is key to realizing the vision of a DDE.

This IDC InfoBrief, sponsored by F5, explores one of the three key capabilities to building a DDE.

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

Connecting The Digital, Distributed Cloud

Get an understanding of application-layer DDoS protection in F5 Distributed Cloud Services and learn about its attack detection capabilities. We will demonstrate how to configure the solution to mitigate attack traffic. 

F5 Demo Days – Experience F5’s comprehensive, easy-to-use SaaS security solution 

F5 Distributed Cloud Services are SaaS-based security, networking, and application management services that enable customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed – data center, multi-cloud, or the network edge. 

In a series of six short demo sessions, we’ll be demonstrating the power of the F5 Distributed Cloud Web Application and API Protection (WAAP) solution and how easy it is to enable security services, including SaaS-based WAF, API security, bot defence, and DDoS mitigation. 

By watching this demo session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services, but you can unsubscribe at any time

Protecting Applications against DDoS Attacks - Ep 4

SSRF flaws occur when a web app fetches a remote resource without validating the user-supplied URL. Attackers can coerce the app to send a request to an unexpected destination—even if it’s secured by a firewall, VPN, or other network access control list (ACL). 

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time
 
Protect Your Web Apps from New and Critical Risks 
The OWASP Top 10 is a broad consensus about the most critical security risks to web applications. The 2021 update gives guidance to help secure modern web applications and architectures from exploits, abuse, and misconfiguration, as well as recommendations for mitigating new risks involving software supply chains, CI/CD pipelines, and open source software. 

Watch the 2021 OWASP Top 10 Lightboard Lesson series for a breakdown of the new OWASP Top 10 and learn: 

• How OWASP creates its Top 10 list of the most critical security risks to web applications. 
• Key changes for 2021, including recategorization of risk to align symptoms to root causes. 
• When each risk can manifest, why it matters, and how to improve your security posture. 

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP maintains a variety of projects, including the Top 10 web application security risks standard awareness document for developers and security practitioners.

OWASP Top 10: Server Side Request Forger - Ep10

Gain insights into how F5 Distributed Cloud Services can help you integrate security into the API development lifecycle, ensuring your SecOps-governed API security policies stay in sync with the latest API changes by the DevOps teams. 

 F5 Demo Days – Experience F5’s comprehensive, easy-to-use SaaS security solution 

F5 Distributed Cloud Services are SaaS-based security, networking, and application management services that enable customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed – data center, multi-cloud, or the network edge. 

In a series of six short demo sessions, we’ll be demonstrating the power of the F5 Distributed Cloud Web Application and API Protection (WAAP) solution and how easy it is to enable security services, including SaaS-based WAF, API security, bot defence, and DDoS mitigation. 

 

By watching this demo session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services, but you can unsubscribe at any time

Applying the Easy Button for API Security - Ep 3

Application security is rapidly evolving in a space where new challenges converge, from supply chain delays to accelerated adoption of digital experiences. Today, organisations require flexible solutions that can grow with their rapidly shifting needs.

You can deploy and secure your applications without delay by moving to a distributed cloud. Join us for a discussion about the speed and flexibility of cloud-based security and Web Application and API Protection (WAAP), which can be deployed instantly without infrastructure overhead.

Our experts will be providing guidelines on how to:
- Deploy, secure, and scale applications using a distributed cloud platform
- Secure applications with a SaaS-based WAAP solution
- Protect applications from a myriad of threats with a web application firewall
- Guard APIs from attempted breaches by threat actors
- Defend against bot attacks, account takeover, denial of service, and more
- Deliver multi-layered protection against attacks using DDoS mitigation

Protecting Apps and APIs with New WAAP Solution

Without properly logging and monitoring app activities, breaches cannot be detected. Not doing so directly impacts visibility, incident alerting, and forensics. The longer an attacker goes undetected, the more likely the system will be compromised. 
  
Protect Your Web Apps from New and Critical Risks 
The OWASP Top 10 is a broad consensus about the most critical security risks to web applications. The 2021 update gives guidance to help secure modern web applications and architectures from exploits, abuse, and misconfiguration, as well as recommendations for mitigating new risks involving software supply chains, CI/CD pipelines, and open source software. 
  
Watch the 2021 OWASP Top 10 Lightboard Lesson series for a breakdown of the new OWASP Top 10 and learn:
 
 • How OWASP creates its Top 10 list of the most critical security risks to web applications. 
 • Key changes for 2021, including recategorization of risk to align symptoms to root causes. 
 • When each risk can manifest, why it matters, and how to improve your security posture. 

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP maintains a variety of projects, including the Top 10 web application security risks standard awareness document for developers and security practitioners. 
  
By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

OWASP Top 10: Security Logging and Monitoring Failures - Ep 9

Learn how F5 Distributed Cloud Services provide you with a new Web Application Firewall (WAF) boundary to help protect your web applications and APIs wherever they are located, with a simplified approach adapted to the needs of SecOps and DevOps. 

 
F5 Demo Days – Experience F5’s comprehensive, easy-to-use SaaS security solution 

F5 Distributed Cloud Services are SaaS-based security, networking, and application management services that enable customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed – data centre, multi-cloud, or the network edge. 

In a series of six short demo sessions, we’ll be demonstrating the power of the F5 Distributed Cloud Web Application and API Protection (WAAP) solution and how easy it is to enable security services, including SaaS-based WAF, API security, bot defence, and DDoS mitigation. 

By watching this demo session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services, but you can unsubscribe at any time

Creating the New WAF Boundary - Ep 2

This new risk category focuses on making assumptions related to software updates, critical data, and CI/CD pipelines without verifying integrity. The SolarWinds supply-chain attack is one of the most damaging we've seen. 
  
Protect Your Web Apps from New and Critical Risks 
The OWASP Top 10 is a broad consensus about the most critical security risks to web applications. The 2021 update gives guidance to help secure modern web applications and architectures from exploits, abuse, and misconfiguration, as well as recommendations for mitigating new risks involving software supply chains, CI/CD pipelines, and open source software. 
  
Watch the 2021 OWASP Top 10 Lightboard Lesson series for a breakdown of the new OWASP Top 10 and learn:
 
 • How OWASP creates its Top 10 list of the most critical security risks to web applications. 
 • Key changes for 2021, including recategorization of risk to align symptoms to root causes. 
 • When each risk can manifest, why it matters, and how to improve your security posture. 
 
The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP maintains a variety of projects, including the Top 10 web application security risks standard awareness document for developers and security practitioners. 
  
By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

OWASP Top 10: Software and Data Integrity Failures - Ep8

Experience the look-and-feel and get an understanding of the main concepts and building blocks of the F5 Distributed Cloud Services Platform. This SaaS-based platform allows you to quickly deploy, secure, connect, and operate your applications in a multi-cloud environment. 

 

F5 Demo Days – Experience F5’s comprehensive, easy-to-use SaaS security solution 

F5 Distributed Cloud Services are SaaS-based security, networking, and application management services that enable customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed – data centre, multi-cloud, or the network edge. 

In a series of six short demo sessions, we’ll be demonstrating the power of the F5 Distributed Cloud Web Application and API Protection (WAAP) solution and how easy it is to enable security services, including SaaS-based WAF, API security, bot defence, and DDoS mitigation. 

By watching this demo session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services, but you can unsubscribe at any time

Getting to Know the F5 Distributed Cloud Platform - Ep 1

It is critical to confirm identity and use strong authentication and session management to protect against business logic abuse. Most authentication attacks trace to the continued use of passwords. Compromised credentials, botnets, and sophisticated tools provide an attractive ROI for automated attacks like credential stuffing. 
  
Protect Your Web Apps from New and Critical Risks 

The OWASP Top 10 is a broad consensus about the most critical security risks to web applications. The 2021 update gives guidance to help secure modern web applications and architectures from exploits, abuse, and misconfiguration, as well as recommendations for mitigating new risks involving software supply chains, CI/CD pipelines, and open source software. 
  
Watch the 2021 OWASP Top 10 Lightboard Lesson series for a breakdown of the new OWASP Top 10 and learn: 

 • How OWASP creates its Top 10 list of the most critical security risks to web applications. 
 • Key changes for 2021, including recategorization of risk to align symptoms to root causes. 
 • When each risk can manifest, why it matters, and how to improve your security posture. 
 
The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP maintains a variety of projects, including the Top 10 web application security risks standard awareness document for developers and security practitioners.
 
By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

OWASP Top 10: Identification and Authentication Failures - Ep7

Open Source software exploits are behind many of the biggest security incidents. The recent Log4j2 vulnerability is perhaps the most serious risk in this category to date. 
 
Protect Your Web Apps from New and Critical Risks 
The OWASP Top 10 is a broad consensus about the most critical security risks to web applications. The 2021 update gives guidance to help secure modern web applications and architectures from exploits, abuse, and misconfiguration, as well as recommendations for mitigating new risks involving software supply chains, CI/CD pipelines, and open source software. 
 
Watch the 2021 OWASP Top 10 Lightboard Lesson series for a breakdown of the new OWASP Top 10 and learn: 

• How OWASP creates its Top 10 list of the most critical security risks to web applications. 
• Key changes for 2021, including recategorization of risk to align symptoms to root causes. 
• When each risk can manifest, why it matters, and how to improve your security posture. 

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP maintains a variety of projects, including the Top 10 web application security risks standard awareness document for developers and security practitioners. 

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

OWASP Top 10: Vulnerable and Outdated Components - Ep 6

The fact that application attacks are on the rise is a growing concern for business leaders, as applications are the gateway to an organisation's most valuable assets – the data.

With the right web application firewall (WAF), you can block the relentless attacks that aim to take down your services and exfiltrate your data. Application and DevOps teams adopting agile methodologies are now building and deploying new apps at a speed that is difficult for security teams to keep up with.

In this session our experts will explain how you can reduce time-to-market for your new apps by:
• Harmonising your WAF deployment with your DevOps practices to reduce friction between application and security teams
• Integrating your WAF security policies into the developers’ CI/CD pipelines
• Adopting a security-as-code methodology by integrating security policies in a repository, such as Git

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

Ep 7 - Integrating WAF into DevSecOps Practices

Security Misconfiguration is a major source of cloud breaches. Learn what to do and avoid—as modern app development, software re-use, and architectural sprawl across clouds increases this risk. 
 
Protect Your Web Apps from New and Critical Risks 

The OWASP Top 10 is a broad consensus about the most critical security risks to web applications. The 2021 update gives guidance to help secure modern web applications and architectures from exploits, abuse, and misconfiguration, as well as recommendations for mitigating new risks involving software supply chains, CI/CD pipelines, and open source software. 
 
Watch the 2021 OWASP Top 10 Lightboard Lesson series for a breakdown of the new OWASP Top 10 and learn: 

• How OWASP creates its Top 10 list of the most critical security risks to web applications. 
• Key changes for 2021, including recategorization of risk to align symptoms to root causes. 
• When each risk can manifest, why it matters, and how to improve your security posture. 

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP maintains a variety of projects, including the Top 10 web application security risks standard awareness document for developers and security practitioners. 

Watch the other episodes of the series – linked below.

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

OWASP Top 10: Security Misconfiguration - Ep 5

Join us for an exclusive myForum event where we explore and debate the most pressing cybersecurity concerns of 2022, and more importantly how organisations can fight back.

Today's cybercriminals vary wildly by motivation, sophistication, level of resources, and depth of specialisation. At the same time, applications are becoming increasingly distributed and decentralised, creating a whole new world of challenges and pain.

Cybersecurity is an infinite game where no organisation or vendor can ever claim outright victory. Staying in that game is only achievable with a long-term strategy, relentless persistence, and constant innovation.

Drawing on the latest research and insights, Bryan Glick (Editor in Chief, Computer Weekly) will be moderating a panel consisting of Lisa Forte (Cybersecurity Expert and Top 100 Women in Tech award winner), David Warburton (Threat Research Manager, F5 Labs), and Matthieu Dierick (Solutions Architect, F5).

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

Ep 9 - Biggest Cybersecurity Challenges of 2022: Are You Prepared?

API Governance & Security In the Modern Enterprise - Ep 12

WAF Market Trends & Security Analyst Recommendations - Ep 11

Ep 8 - Securing Apps Starts with Securing Kubernetes

Ep 6 - Scaling Your App Delivery Infrastructure in Minutes not Days

Ep 5 - Top 5 Pitfalls to Avoid in Client-Side Security

Ep 4 - Why You Need Observability Beyond Monitoring Apps

Ep 3 - Smarter Bot Mitigation with Machine Learning

Ep 2 - Multi-layer App Security in Kubernetes for DevSecOps

Ep 1 - Modernising and Securing Your API Architecture

MyForum Series

How AUDI Boosted Time-to-Market Through Cultural Change & Security First - Ep 10

Kubernetes has become the de facto platform standard for modern applications. While it provides tools and capabilities to control network and application security, there are many different ways to implement these.

Your security architecture should aim to provide the best possible protection for your applications, while staying aligned with your organisational structure. A flexible model based on shared responsibilities and cloud-native security solutions is key to a successful Kubernetes journey.

By attending this session, you will:

- Understand the main building blocks for application security in Kubernetes
- Gain insights into how NetOps, DevOps, and SecOps can cooperate
- Discover the shift-left approach to security and why it matters

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

Reference Designs for Application Security in Kubernetes - Ep 13

Kubernetes

Cloud Native

SaaS

Application Security

APIs

DevOps

SecOps

Cyber Attacks

Security

Secure Cloud

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Reference Designs for Application Security in Kubernetes - Ep 13

Presented by

About this talk

More from this channel