Name: Demystifying AuthN/AuthZ Using OIDC/OAuth2
Start: 2021-06-08T16:00:00Z
End: 2021-06-08T16:00:59.000Z
Location: BrightTALK
Rating: 0

NGINX helps companies deliver their sites and applications with performance, reliability, security, and scale. NGINX offers an award-winning, comprehensive application delivery platform in use on more than 300 million sites worldwide. Watch this webinars how to ensure flawless digital experiences through features such as advanced load balancing, web and mobile acceleration, security controls, application monitoring, and management.

Join the experts from Learnk8s and NGINX to learn “How do I route traffic to my microservices in Kubernetes?” We’ll cover the basics of Kubernetes infrastructure and traffic management, including node pools and node instances, NodePort vs LoadBalancer vs Ingress, a look at the Ingress controller landscape, and what you need to know about the Kubernetes Gateway API.

Read the companion blog ""Architecting Kubernetes Clusters for High-Traffic Websites"" 
⬡ https://bit.ly/3sQGRoS

This livestream is part of Microservices March 2022: Kubernetes Networking Edition.
Learn more at https://bit.ly/3AUveiY

What is Microservices March? Watch a breakdown of the event with the DevCentral team!
⬡ https://youtu.be/jgK6nco09Mc

Speaker: 
◆ Salman Iqbal, Instructor at Learnk8s
Bio: 
◆ Salman is a Learnk8s instructor and holds both the CKA and CKAD certifications. Salman has extensive experience in scaling data and machine learning pipelines using Kubernetes. Salman has trained hundreds of engineers all over the world (from sunny California to cold Finland).
Socials:
⬡ https://twitter.com/soulmaniqbal
⬡ https://www.youtube.com/c/SoulmanIqbal
⬡ https://www.linkedin.com/in/salman-iqbal-a6a5b026/

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

"Read the companion blog "Architecting Kubernetes Clusters for High-Traffic Websites" 
⬡ https://bit.ly/3sQGRoS

Architecting Kubernetes Clusters for High-Traffic Websites

Join the experts from Learnk8s and NGINX to learn “How do I split traffic for A/B testing? Can I use Kubernetes to do shadow rollouts?” 

This webinar covers advanced traffic management use cases including zero downtime deployments, traffic splitting (at the Ingress controller and service mesh), tracing, and mapping traffic flow in real-time. This livestream is part of Microservices March 2022: Kubernetes Networking Edition. 

Read the companion blog: "Advanced Kubernetes Deployment Strategies" 
⬡ https://bit.ly/3LnfrgG 

Get the Lab Guide
https://bit.ly/3XUkQTm

This webinar was part of Microservices March 2022. We are kicking off Microservices March 2023 March 8. You can learn more here https://bit.ly/3YlAXca 

Speaker: 
◆ Andrea Giardini, Instructor at Learnk8s 

Bio: 
◆ Andrea is an infrastructure specialist. He worked at CERN on the Large Harden Collider grid and led the infrastructure team at Camunda. He is currently working as an independent contractor on Kubernetes and Cloud technologies projects. 

Social: 
◆ https://www.linkedin.com/in/giardiniandrea/

Get Started with NGINX Ingress Controller 
⬡ https://bit.ly/35BHoSi 

Free eBook: Taking Kubernetes from Test to Production 
⬡ https://bit.ly/3HpvaJL 

Demo and tutorial: "Improve Uptime and Resilience with a Canary Deployment" 
⬡ https://bit.ly/3qIOj3Y

Advanced Kubernetes Deployment Strategies

IBM’s 2021 ‘Microservices in the Enterprise’ survey found that 87% of microservices adopters agree that microservices adoption is worth the expense and effort. Credited with improving agility and enabling businesses to pivot and address the changing demands of their customer base - a crucial asset in the pandemic world - microservices are increasingly at the heart of success in the digital economy.  

Yet despite the rising popularity of microservices, some organizations worry about how to get the process right. From managing potential security risks to understanding how best to navigate the complexity and potential rising costs that a long-term commitment to microservices might present, it’s understandable why running a microservices-driven architecture can seem so daunting.  

In episode 1 of NGINX’s ‘Mastering App Modernization’ series, host Steve Pereira and guests are here to take away any confusion by answering common questions about how companies can utilize microservices to streamline application management and make it easier for IT teams to collaborate. 

Along with reviewing best practices for microservices and delving deeper into how organisations can incorporate microservices into their current application development strategy, they’ll be sharing:
- The broader business benefits microservices can realize
- How microserves can benefit both the experience of DevOps teams and the end user
- How a microservice architecture can improve workflows and productivity compared to centralized applications
- Security best practices for microservices and the importance of ‘security by design’ 
- Common concerns and challenges faced when adopting microservices, and strategies for overcoming them
- And more

Microservices Made Easy: Realizing Business Value with Microservices

Research from F5 Labs found that API security incidents in the first half of 2020 exceeded the number of incidents from the previous two years combined. A significant challenge facing DevOps teams is that there are many areas of weakness around API security, especially around authentication in front of API endpoints, broken authentication, and broken authorization. Having the right identity and access management (IAM) solution is one thing, configuring and deploying it properly is, obviously, crucial. In this episode, we will show how NGINX interacts with Okta, one of the leading IAM solutions in the market.

Key Takeaways:
- Demonstrate OAuth 2.0 JWT validation with Okta (with PKCE)
- Demonstrate rate-limiting configuration per user
- Demonstrate authorization based on group claim information
- Okta specific feature that works with NGINX Plus

IdP Integration with NGINX and OKTA

Join the experts from Learnk8s and NGINX to learn “How do I secure my APIs and apps to be production-ready?” In this session, you’ll learn about the sidecar pattern and policies that can make your services more secure and resilient, including a live hacking demo. 

Read the companion blog "Microservices Security Pattern in Kubernetes" 
⬡ https://bit.ly/3qh3XDk 

Get the Lab Guide
https://bit.ly/3DyMsFv 

This webinar was part of Microservices March 2022. We are kicking off Microservices March 2023 March 8. You can learn more here https://bit.ly/3YlAXca 

What is Microservices March? Watch a breakdown of the event with the DevCentral team! 
⬡ https://youtu.be/jgK6nco09Mc 

Speaker: 
◆ Chris Nesbitt-Smith, Instructor at Learnk8s 

Bio: 
◆ Chris is a Kubernetes Certified Admin and Security expert. Chris has extensive experience in securing Kubernetes having worked for prestigious entities such as the UK Government and Bank of England. 

Social: 
◆ https://www.linkedin.com/in/cnesbittsmith/

What is Microservices March? Watch a breakdown of the event with the DevCentral team!
⬡ https://youtu.be/jgK6nco09Mc

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

Microservices Security Pattern in Kubernetes (East-West Traffic)

Don't let slow performance slow you down. Get ahead with the best web application firewall (WAF) for your needs. Join GigaOm analyst, Jake Dolezal, as he unveils the results of his performance testing on four top WAFs, including fully managed cloud offerings from AWS WAF and Azure Web Application Firewall. According to the High-Performance Application Security Testing report, NGINX App Protect outperformed all other WAFs tested. Learn about the complete methodology used in the testing and how you can adapt it to suit your own workloads and requirements. Stay ahead of the game with the right WAF for you.

High-Performance Application Security Testing

Join the experts from Learnk8s and NGINX to learn “What are the best practices for deploying an API gateways in Kubernetes?” This livestream builds on concepts discussed in “Architecting Kubernetes Clusters for High-Traffic Websites” – including flow of a packet, more on NodePort vs LoadBalancer vs Ingress, routing internal vs external traffic (multiple ingresses, IngressClasses), Authorization and Authentication (OIDC), rate limiting, and graceful shutdown in Kubernetes.

For more on this topic, read the companion blog "Exposing APIs in Kubernetes"
⬡ https://bit.ly/3tWWMRL

Get the Lab Guide
https://bit.ly/3HjLe1C 

This webinar was part of Microservices March 2022. We are kicking off Microservices March 2023 March 8. You can learn more here https://bit.ly/3YlAXca 

What is Microservices March? Watch a breakdown of the event with the DevCentral team!
⬡ https://youtu.be/jgK6nco09Mc

See the examples from Andrea's demo here: 
⬡ https://github.com/nginxinc/microservices-march

Speaker: 
◆ Andrea Giardini, Instructor at Learnk8s

Bio: 
◆ Andrea is an infrastructure specialist. He worked at CERN on the Large Harden Collider grid and led the infrastructure team at Camunda. He is currently working as an independent contractor on Kubernetes and Cloud technologies projects.

Social: 
⬡ https://www.linkedin.com/in/giardiniandrea/

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

Exposing APIs with Kubernetes (North-South Traffic)

Integrating security into your application lifecycle is not easy. DevOps is used to deploy applications with modern tool sets, and on many occasions, the security team cannot follow DevOps guidelines. Join our webinar to see how NGINX can be part of the application lifecycle and how we can eliminate mistakes and reduce attacks and downtime with NGINX App Protect.

DevSecOps for Digital Innovation

Join the experts from Learnk8s and NGINX to learn “How do I route traffic to my microservices in Kubernetes?” We’ll cover the basics of Kubernetes infrastructure and traffic management, including node pools and node instances, NodePort vs LoadBalancer vs Ingress, a look at the Ingress controller landscape, and what you need to know about the Kubernetes Gateway API.

Read the companion blog ""Architecting Kubernetes Clusters for High-Traffic Websites"" 
⬡ https://bit.ly/3sQGRoS

Get the Lab Guide
⬡ https://bit.ly/3HMPHeW 

This webinar was part of Microservices March 2022. We are kicking off Microservices March 2023 March 8. You can learn more here https://bit.ly/3YlAXca 

What is Microservices March? Watch a breakdown of the event with the DevCentral team!
⬡ https://youtu.be/jgK6nco09Mc

Speaker: 
◆ Salman Iqbal, Instructor at Learnk8s

Bio: 
◆ Salman is a Learnk8s instructor and holds both the CKA and CKAD certifications. Salman has extensive experience in scaling data and machine learning pipelines using Kubernetes. Salman has trained hundreds of engineers all over the world (from sunny California to cold Finland).

Social:
⬡ https://twitter.com/soulmaniqbal
⬡ https://www.youtube.com/c/SoulmanIqbal
⬡ https://www.linkedin.com/in/salman-iqbal-a6a5b026/

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

85% of all web traffic is encrypted. This now standard practice helps ensure that data (sensitive or not) sent over the Internet remains private and out of the hands of eavesdroppers and hackers. But how do you encrypt traffic? The answer is with SSL/TLS, an encryption protocol that protects Internet communication.

Join this NGINX 101 foundational webinar to learn more about the importance of and best practices for encrypting your web, application, and API traffic. Our presenters show you how to create or procure a certificate to ensure transactions are authenticated, as well as demo how straightforward it is to encrypt and secure your web traffic using NGINX. We also answer attendee questions about NGINX and encryption.

Robert Haynes
Technical Marketing Manager
F5 NGINX

NGINX 101 Web Traffic Encryption with SSL TLS and NGINX

Join the experts from Learnk8s and NGINX to learn “How do I secure my APIs and apps to be production-ready?” In this session, you’ll learn about the sidecar pattern and policies that can make your services more secure and resilient, including a live hacking demo. 

Read the companion blog "Microservices Security Pattern in Kubernetes" 
⬡ https://bit.ly/3qh3XDk 

This livestream is part of Microservices March 2022: Kubernetes Networking Edition. 
Learn more at https://bit.ly/3AUveiY 

What is Microservices March? Watch a breakdown of the event with the DevCentral team! 
⬡ https://youtu.be/jgK6nco09Mc 

Speaker: 
◆ Chris Nesbitt-Smith, Instructor at Learnk8s 

Bio: ◆ Chris is a Kubernetes Certified Admin and Security expert. Chris has extensive experience in securing Kubernetes having worked for prestigious entities such as the UK Government and Bank of England. 
Socials: ◆ https://www.linkedin.com/in/cnesbittsmith/

Read the companion blog ""Microservices Security Pattern in Kubernetes""
⬡ https://bit.ly/3qh3XDk

What is Microservices March? Watch a breakdown of the event with the DevCentral team!
⬡ https://youtu.be/jgK6nco09Mc

Watch the next livestream of this series:
⬡ https://youtu.be/w7ZDeNFD_Co

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

It’s no secret that developers, architects, and DevOps engineers are tired of the stress and hassles of legacy application architectures, particularly after working in the landscape of the last two years. With NGINX increasingly hearing that application teams want to create ‘modern apps’ - ones that embrace containers, APIs, and truly distributed computing - in order for businesses to thrive in 2022 and beyond, it’s crucial that businesses create environments where their dev and ops teams are empowered to create genuinely modern apps that move at faster-than-human speed.
 
It’s easy enough for an organization to say that they will do this, but it’s also essential that businesses fully understand what defines a modern app, and how they can enable often siloed teams to work together to make delivering these apps a reality. 
 
In episode 6 of NGINX’s ‘Mastering App Modernization’ series, host Steve Pereira and guests are sharing how. They’ll be looking at how businesses can enable their Dev and DevOps teams - as well as NetOps and PlatformsOps - to build and deliver scalable, secure, reslient - and modern - apps. 
 
Join them to hear:
- What defines a modern app in 2022
- Why Dev and DevOps teams need to understand that modern apps are a combination of a checklist and a state of mind
- The six architecture principles that modern apps employ 
- How developers and DevOps teams can practice secure development 
- Organizational and cultural considerations that teams need to be aware of that will enable them to build applications that works for users, developers and stakeholders
- And more

Making Modern Apps: Extending App Delivery to Dev & DevOps Teams

A common non-functional requirement that gets built into apps and services is authentication and authorization. On a small scale, this practice adds a manageable amount of complexity that’s acceptable when the app doesn’t require frequent updates. But with faster release velocities at larger scale, integrating authentication and authorization into your apps becomes untenable. 

In this video, Technical Marketing Engineer Amir Rawdat shares how you can offload this functionality to an Ingress controller to achieve better security and more efficient use of resources.

Read the blog: "Implementing OpenID Connect Authentication for Kubernetes with Okta and NGINX Ingress Controller"
⬡ https://bit.ly/3to5cmm

NGINX Ingress Controller Docs for Implementing OIDC
⬡ https://bit.ly/3IoSk3p

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

Authorization and Authentication for Kubernetes Apps

You work in IT for a popular local store that sells a variety of goods, from pillows to bicycles. They're about to launch their first online store, but before launch they've asked a security expert to pen test the site before it goes public. Unfortunately, the security expert found a problem! The online store is vulnerable to SQL injection. The security expert was able to exploit the site to obtain sensitive information from your database, including user names and passwords!

Your team has come to you - the Kubernetes engineer - to save the day. Luckily, you know that SQL injection - as well as other vulnerabilities - can be mitigated using Kubernetes traffic management tools. You already deployed an Ingress controller to expose the app, and in a single configuration you're able to ensure this vulnerability can't be exploited. Now the online store can launch on time. Well done!

In this lab you will:
◆ Exploit an application vulnerable to SQL injection
◆ Use an NGINX sidecar container to block certain requests
◆ Configure NGINX Ingress Controller to filter requests

Technologies Used:
◆ NGINX Ingress Controller: https://bit.ly/3vpPkRw
◆ NGINX Open Source: https://nginx.org/
◆ Helm: https://helm.sh"

Try this demo for yourself!
⬡ https://bit.ly/3rVAz74
Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi
Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

Protect Kubernetes Apps from SQL Injection

While the benefits of Kubernetes are many and include:
• Continuous container health checks
• Handling of varied storage types for container data
• And the ability to manage passwords, tokens, and SSH keys, 

deployment—especially for more advanced use cases—is often not as straightforward as one hopes. Often, IT pros benefit from well-documented approaches or best practices to assist in deployment.

Join the experts from Learnk8s and NGINX in this webinar to learn several advanced Kubernetes deployment strategies that you can immediately apply in your organization. The session covers advanced traffic management use cases including zero downtime deployments, traffic splitting (at the Ingress controller and service mesh), tracing, and mapping traffic flow in real-time.

Learnk8s expert demos 4 Kubernetes deployment approaches

With more and more organizations conducting business with their customers online, web applications remain the top attack target for cybercriminals. It’s easy to see why – they are often complex, composed of microservices, and spanning distributed environments, increasing the number of endpoints vulnerable to exploitation. It is no surprise that OWASP Top 10 vulnerabilities such as SQL injection and cross‑site scripting (XSS) remain popular cyberattacks. You need to strengthen security for your containerized apps deployed in Kubernetes by adding a WAF to NGINX Ingress Controller.

In this webinar we look at the cost of a typical application hack and why traditional WAFs don’t work for today’s modern applications. We conclude with a demo that showcases how by combining NGINX Ingress Controller with NGINX App Protect WAF you can protect your apps against common vulnerabilities, create granular policies for app services, and make your Kubernetes clusters a safer place to run your apps.

Secure Your Kubernetes Apps from Attacks with NGINX

Join the experts from Learnk8s and NGINX to learn “How do I route traffic to my microservices in Kubernetes?” We’ll cover the basics of Kubernetes infrastructure and traffic management, including node pools and node instances, NodePort vs LoadBalancer vs Ingress, a look at the Ingress controller landscape, and what you need to know about the Kubernetes Gateway API.

Read the companion blog ""Architecting Kubernetes Clusters for High-Traffic Websites"" 
⬡ https://bit.ly/3sQGRoS

This livestream is part of Microservices March 2022: Kubernetes Networking Edition.
Learn more at https://bit.ly/3AUveiY

What is Microservices March? Watch a breakdown of the event with the DevCentral team!
⬡ https://youtu.be/jgK6nco09Mc


Speaker: 
◆ Salman Iqbal, Instructor at Learnk8s
Bio: 
◆ Salman is a Learnk8s instructor and holds both the CKA and CKAD certifications. Salman has extensive experience in scaling data and machine learning pipelines using Kubernetes. Salman has trained hundreds of engineers all over the world (from sunny California to cold Finland).
Socials:
⬡ https://twitter.com/soulmaniqbal
⬡ https://www.youtube.com/c/SoulmanIqbal
⬡ https://www.linkedin.com/in/salman-iqbal-a6a5b026/

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

"Read the companion blog "Architecting Kubernetes Clusters for High-Traffic Websites" 
⬡ https://bit.ly/3sQGRoS

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

Your organization built an app in Kubernetes and now it’s getting popular! You went from just a few visitors to hundreds (and sometimes thousands) per day. But there’s a problem…the increased traffic is bottlenecking, causing latency and timeouts for your customers. If you can’t improve the experience, people will stop using the app.

In this demo, we show how to deploy an Ingress controller to route the traffic and set up an autoscale policy so that the number of Ingress controller pods instantly expands and contracts to match traffic fluctuations. The Ingress controller pods seamlessly handle the traffic surges - "Goodbye, latency!", and when traffic decreases the pods scale down to conserve resources - "Hello, cost savings!"

Technologies Used:
◆ NGINX Ingress Controller: https://bit.ly/3vpPkRw
◆ Prometheus: https://prometheus.io
◆ Locust: https://locust.io
◆ KEDA: https://keda.sh
◆ Helm: https://helm.sh

Try this demo for yourself!
⬡ https://bit.ly/3rVAz74

Get Started with NGINX Ingress Controller
⬡ https://bit.ly/35BHoSi

Free eBook: Taking Kubernetes from Test to Production
⬡ https://bit.ly/3HpvaJL

Reduce Kubernetes Latency with Autoscaling

For some, security is an afterthought in API development, yet choosing the right authentication (AuthN) and authorization (AuthZ) options is more critical than ever for the digital security of a business. Many organizations are adopting the OpenID Connect (OIDC) and OAuth 2.0 (OAuth2) standards for authentication and authorization respectively.

Join Rajesh Bavanantham to explore use cases and appropriate API security patterns behind using OIDC/OAuth2. Both frameworks offer multiple ways to secure your APIs, so it is important to understand where to apply the different OIDC/OAuth2 deployment patterns. Rajesh also discusses different types of authorization (fine/finer/finest) and the nuances of using token-based authorization to protect your API assets.

Demystifying AuthN/AuthZ Using OIDC/OAuth2

Authorization

Authentication

API Management

APIs

Deployment

Tokenization

Secure Development

Security

Open Innovation

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Demystifying AuthN/AuthZ Using OIDC/OAuth2

Presented by

About this talk

More from this channel