SlideShare ist ein Scribd-Unternehmen logo

Modern App Architecture - Microservices, API Friendly

DevOps Indonesia
DevOps Indonesia

Modern App Architecture - Microservices, API Friendly by Andre Iswanto

Technologie
1 von 40
Downloaden Sie, um offline zu lesen
DevOpsDays Jakarta 2020 Modern App Architecture: Microservices, API Friendly by Andre Iswanto BRI Corporate University, March 12th 2020
| ©2019 F5 NETWORKS5 CONFIDENTIAL Modern App Architecture: Microservices, API Friendly Andre Iswanto
| ©2019 F5 NETWORKS6 CONFIDENTIAL Three outcomes enterprises expect from digital transformation Customer experience Business agility Digital ROI
| ©2019 F57 Applications drive business MOBILE GLOBAL LOGISTICS ERP TODAY
| ©2019 F5 NETWORKS8 The Application Landscape Is Transforming 1 F5 State of Application Services Report 2018 2 IDC FutureScape 2019 3 Cisco Global Cloud Index: 2016-2021 Cloud is now DevOps is rising Technology is changing 65% Organizations expanding DevOps methods into larger business by 20212 87% Customers adopting multi- cloud strategies and approaches1 85% New app workload instances that are container-based— 95% by 20213
Microservices Architecture from Gartner N/S E/W
| ©2019 F510 Security
| ©2019 F511 D.T. challenges ORGANIZATIONS MUST RETHINK SECURITY Applications Processes and skills Technology stacks and tools Security How do you deploy and manage a global application security policy? SOURCE: F5 STATE OF APPLICATION SERVICES 2019 REPORT Applications and identities were the initial targets in 86% of breaches. 86%
| ©2019 F512 APPLICATION ATTACKS L7 DoS API attacks SQL/PHP Injection Client-side attacks APP INFRASTRUCTURE ATTACKS DDoS Encrypted threats Man-in-the-middle DNS spoofing SOPHISTICATED ATTACKS APT Multi-cloud threats Malicious bots Threat campaigns and malware ACCESS LEVEL ATTACKS Session hijacking Credential theft Brute force Phishing Application threats
| ©2019 F513 OWASP API Security 1. HTTPS 2. Access Control 3. JWT 4. API Keys 5. Restrict HTTP Methods 6. Input Validation 7. Validate Content Type 8. Management endpoints 9. Error handling 10. Audit logs 11. Security headers 12. Cross-Origin Resource Sharing (CORS) 13. Sensitive information in HTTP requests 14. HTTP Return Code https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/REST_Security_Cheat_Sheet.md
Confidential / Sophisticated Attack on Client Side Magecart-style Attacks Steal PCI and PII Malicious or compromised JavaScript on the webpage (Event Listeners) The JS instructs the browser to make outbound XHR calls to exfiltrate sensitive data SE 14
| ©2019 F515 Autonomous Fraud
| ©2019 F516 F5 Application Security framework INTELLIGENT SECURITY THREAT SERVICES Risk-based analytics and security stop today's sophisticated attacks. APPLICATION INFRASTRUCTURE SECURITY Security infused into business and application development practices TRUSTED APPLICATION ACCESS Modern authentication with every app and service APPLICATION LAYER SECURITY Common security policies across all multi-cloud apps
| ©2019 F5 NETWORKS17 API Gateway
| ©2019 F518 BENEFITS • Create and publish multiple APIs, definitions, and configs quickly and easily • Protect apps from DDoS and other attacks while ensuring performance with proactive security features • Get deep visibility into app and API health with per- instance performance monitoring and proactive alerting • Deploy your way in the environment of your choice and leverage your existing technology investments API Management REDUCED COMPLEXITY, INCREASED PERFORMANCE | ©2019 F518 DEFINITION AND PUBLICATION SECURITY TRAFFIC MGMT. (API GW) ONGOING MONITORING AND MAINTENANCE ANALYTICS TO ASSESS API VALUE ONBOARDING (DEV PORTAL) API MANAGEMENT
Billing Service Edge API Gateway Billing Service Billing Service Other API /api/other/topup /api/other/user Payment API /api/payment/inquiry /api/payment/payment Paylater API /api/paylater/payment /api/paylater/settlement Payment Service Payment Service Payment Service Service registry Service registry API Security API API Protection Authentication • TLS Termination • API OWASP • Bot protection • DDoS protection • Authentication & Authorization with Oauth 2.0 Attackers Legitimate users {“filter”:”|cat /etc/password“,”order”:” asc”,”limit”:50} {“filter”:”user=marcel“, ”order”:”asc”,”limit”:5 0} API Security & Management
| ©2019 F520 Orchestration and Automation
| ©2019 F521 The Application Factory THE GROWTH ENGINE OF THE APPLICATION ECONOMY | ©2019 F521
| ©2019 F5 NETWORKS22 http://www.itsmacademy.com/content/webinar/SRE%20-%20An%20Enterprise%20Adoption%20Story.pdf
| ©2020 F523 CONFIDENTIAL SRE’s 5 Pillars of Success https://en.wikipedia.org/wiki/Site_Reliability_Engineering
| ©2019 F5 NETWORKS24 Code to Customer Device fingerprint User identity & behavior Future services CustomerCode API gateway CDNIngress Controller App / web server Load balancer DNSApp Security DDoSFuture services Containers Purpose-built hardware Public cloud Virtual machines Software as a Service Commodity hardware ANY INFRASTRUCTURE Mobile POSLaptop IoT ANY DEVICE PLATFORM CONTROL PLANES BIG-IP NGINX FUTURE VISIBILTY, INSIGHTS & ORCHESTRATION TELEMETRY TELEMETRY
| ©2019 F525 Automation lifecycle DEPLOY APP SERVICES BOOTSTRAP ONBOARD MONITORING/ TELEMETRY CHANGE
| ©2019 F526 F5 Automation Toolchain CLOUD TEMPLATES DECLARATIVE ONBOARDING EXTENSION APP SERVICES 3 EXTENSION TELEMETRY STREAMING EXTENSION Start BIG-IP instances in public and private clouds Initial configuration of BIG-IP instances Deploy classic and advanced application services on BIG-IP using declarative REST APIs Stream telemetry, events, and logs from BIG-IP to various analytics and logging solutions L4-L7L1-L3 BOOTSTRAP ONBOARD DEPLOY APP SERVICES MONITORING/TELEMETRY
| ©2019 F5 NETWORKS27 Secure SDLC
| ©2019 F5 NETWORKS28 Summary
Microservices-oriented application …. Node 1 Node N
CI/CD (Continuous Integration Continuous Delivery) Commit Changes Build Image Deploy Development Deploy Application Service Platform (F5 & NGINX) Apps Vulnerabilities Scan Penetration Testing Generate Reports Approval Workflow Deploy Production AS3 Big Data Logging, Application Performance Monitoring & Analytics TS TS HTTPS HTTPS HTTPS DC1 DC2 Controller & Dashboard AS3
| ©2019 F5 NETWORKS31
| ©2019 F5 NETWORKS32 DevOpsDays Jakarta 2020 Venue Sponsor
| ©2019 F5 NETWORKS33 DevOpsDays Jakarta 2020 Platinum Sponsors
| ©2019 F5 NETWORKS34 DevOpsDays Jakarta 2020 Gold Sponsors
| ©2019 F5 NETWORKS35 DevOpsDays Jakarta 2020 Silver Sponsors
| ©2019 F5 NETWORKS36 DevOpsDays Jakarta 2020 University Partners
| ©2019 F5 NETWORKS37 DevOpsDays Jakarta 2020 Community Partners
| ©2019 F5 NETWORKS38 DevOpsDays Jakarta 2020 Media Partners
| ©2019 F5 NETWORKS39 Stay Connected @IDDevOps @IDDevOps @IDDevOps DevOps Indonesia DevOps Indonesia DevOps Indonesia
| ©2019 F5 NETWORKS40 THANK YOU ! Alone We are smart, together We are brilliant

Empfohlen

Api Management and Demo
Api Management and DemoApi Management and Demo
Api Management and Demo
DevOps Indonesia
 
A sustainable DevOps Transformation
A sustainable DevOps TransformationA sustainable DevOps Transformation
A sustainable DevOps Transformation
DevOps Indonesia
 
Integrate Security and Compliance into your CI/CD Pipeline
Integrate Security and Compliance into your CI/CD PipelineIntegrate Security and Compliance into your CI/CD Pipeline
Integrate Security and Compliance into your CI/CD Pipeline
DevOps Indonesia
 
Building and Delivering Software in a Faster and More Consistent Way
Building and Delivering Software in a Faster and More Consistent WayBuilding and Delivering Software in a Faster and More Consistent Way
Building and Delivering Software in a Faster and More Consistent Way
DevOps Indonesia
 
How DevOps works in MOKA
How DevOps works in MOKAHow DevOps works in MOKA
How DevOps works in MOKA
DevOps Indonesia
 
DevOps in the Real World: Know What it Takes to Make it Work
DevOps in the Real World: Know What it Takes to Make it WorkDevOps in the Real World: Know What it Takes to Make it Work
DevOps in the Real World: Know What it Takes to Make it Work
VMware Tanzu
 
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
apidays
 
From Commit to Production in 10 Minutes… at a Century Old Insurance Company
From Commit to Production in 10 Minutes… at a Century Old Insurance CompanyFrom Commit to Production in 10 Minutes… at a Century Old Insurance Company
From Commit to Production in 10 Minutes… at a Century Old Insurance Company
VMware Tanzu
 

Empfohlen

Api Management and Demo
Api Management and DemoApi Management and Demo
Api Management and Demo
DevOps Indonesia
 
A sustainable DevOps Transformation
A sustainable DevOps TransformationA sustainable DevOps Transformation
A sustainable DevOps Transformation
DevOps Indonesia
 
Integrate Security and Compliance into your CI/CD Pipeline
Integrate Security and Compliance into your CI/CD PipelineIntegrate Security and Compliance into your CI/CD Pipeline
Integrate Security and Compliance into your CI/CD Pipeline
DevOps Indonesia
 
Building and Delivering Software in a Faster and More Consistent Way
Building and Delivering Software in a Faster and More Consistent WayBuilding and Delivering Software in a Faster and More Consistent Way
Building and Delivering Software in a Faster and More Consistent Way
DevOps Indonesia
 
How DevOps works in MOKA
How DevOps works in MOKAHow DevOps works in MOKA
How DevOps works in MOKA
DevOps Indonesia
 
DevOps in the Real World: Know What it Takes to Make it Work
DevOps in the Real World: Know What it Takes to Make it WorkDevOps in the Real World: Know What it Takes to Make it Work
DevOps in the Real World: Know What it Takes to Make it Work
VMware Tanzu
 
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
apidays
 
From Commit to Production in 10 Minutes… at a Century Old Insurance Company
From Commit to Production in 10 Minutes… at a Century Old Insurance CompanyFrom Commit to Production in 10 Minutes… at a Century Old Insurance Company
From Commit to Production in 10 Minutes… at a Century Old Insurance Company
VMware Tanzu
 
Security and Data Breach
Security and Data BreachSecurity and Data Breach
Security and Data Breach
DevOps Indonesia
 
Latest dev ops trends in 2021 you should know
Latest dev ops trends in 2021 you should knowLatest dev ops trends in 2021 you should know
Latest dev ops trends in 2021 you should know
Impressico Business Solutions
 
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays
 
Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"
Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"
Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"
DevOps Indonesia
 
Measure Customer Value with Self-Service Observability
Measure Customer Value with Self-Service ObservabilityMeasure Customer Value with Self-Service Observability
Measure Customer Value with Self-Service Observability
DevOps.com
 
Code to Cloud: Three Trends for Faster, Safer Continuous Delivery
Code to Cloud: Three Trends for Faster, Safer Continuous DeliveryCode to Cloud: Three Trends for Faster, Safer Continuous Delivery
Code to Cloud: Three Trends for Faster, Safer Continuous Delivery
VMware Tanzu
 
Cloud Native Runtime Platform
Cloud Native Runtime PlatformCloud Native Runtime Platform
Cloud Native Runtime Platform
VMware Tanzu
 
When Automation Keeps Your T-shirt Clean
When Automation Keeps Your T-shirt CleanWhen Automation Keeps Your T-shirt Clean
When Automation Keeps Your T-shirt Clean
DevOps Indonesia
 
Securing Container-Based Applications at the Speed of DevOps
Securing Container-Based Applications at the Speed of DevOpsSecuring Container-Based Applications at the Speed of DevOps
Securing Container-Based Applications at the Speed of DevOps
WhiteSource
 
Continuous Testing- A Key Ingredient for Success in Agile & DevOps
Continuous Testing- A Key Ingredient for Success in Agile & DevOpsContinuous Testing- A Key Ingredient for Success in Agile & DevOps
Continuous Testing- A Key Ingredient for Success in Agile & DevOps
SmartBear
 
AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...
AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...
AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...
AWS User Group - Thailand
 
Getting Security in the Loop: Building Balanced Teams
Getting Security in the Loop: Building Balanced TeamsGetting Security in the Loop: Building Balanced Teams
Getting Security in the Loop: Building Balanced Teams
VMware Tanzu
 
Girls Can Do IT!
Girls Can Do IT!Girls Can Do IT!
Girls Can Do IT!
VMware Tanzu
 
What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...
What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...
What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...
VMware Tanzu
 
Getting Fancy: Creating A Partnership With Your CEO for the Digital Era
Getting Fancy: Creating A Partnership With Your CEO for the Digital EraGetting Fancy: Creating A Partnership With Your CEO for the Digital Era
Getting Fancy: Creating A Partnership With Your CEO for the Digital Era
VMware Tanzu
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT Agility
NGINX, Inc.
 
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
WSO2
 
The Business Benefits of GitOps
The Business Benefits of GitOpsThe Business Benefits of GitOps
The Business Benefits of GitOps
VMware Tanzu
 
Developer Marketing: Building Experiences
Developer Marketing: Building ExperiencesDeveloper Marketing: Building Experiences
Developer Marketing: Building Experiences
Predix
 
Agile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar Venugopalan
Agile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar VenugopalanAgile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar Venugopalan
Agile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar Venugopalan
India Scrum Enthusiasts Community
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corp
Mitchell Pronschinske
 
Application Security with NGINX | APAC
Application Security with NGINX | APACApplication Security with NGINX | APAC
Application Security with NGINX | APAC
NGINX, Inc.
 

Weitere ähnliche Inhalte

Was ist angesagt?

Measure Customer Value with Self-Service Observability
Measure Customer Value with Self-Service ObservabilityMeasure Customer Value with Self-Service Observability
Measure Customer Value with Self-Service Observability
DevOps.com
 
Code to Cloud: Three Trends for Faster, Safer Continuous Delivery
Code to Cloud: Three Trends for Faster, Safer Continuous DeliveryCode to Cloud: Three Trends for Faster, Safer Continuous Delivery
Code to Cloud: Three Trends for Faster, Safer Continuous Delivery
VMware Tanzu
 
Securing Container-Based Applications at the Speed of DevOps
Securing Container-Based Applications at the Speed of DevOpsSecuring Container-Based Applications at the Speed of DevOps
Securing Container-Based Applications at the Speed of DevOps
WhiteSource
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT Agility
NGINX, Inc.
 
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
WSO2
 

Was ist angesagt? (20)

Security and Data Breach
Security and Data BreachSecurity and Data Breach
Security and Data Breach
 
Latest dev ops trends in 2021 you should know
Latest dev ops trends in 2021 you should knowLatest dev ops trends in 2021 you should know
Latest dev ops trends in 2021 you should know
 
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
 
Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"
Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"
Digital Transformation in Infrastructure "NetOps in The Era of Modern IT"
 
Measure Customer Value with Self-Service Observability
Measure Customer Value with Self-Service ObservabilityMeasure Customer Value with Self-Service Observability
Measure Customer Value with Self-Service Observability
 
Code to Cloud: Three Trends for Faster, Safer Continuous Delivery
Code to Cloud: Three Trends for Faster, Safer Continuous DeliveryCode to Cloud: Three Trends for Faster, Safer Continuous Delivery
Code to Cloud: Three Trends for Faster, Safer Continuous Delivery
 
Cloud Native Runtime Platform
Cloud Native Runtime PlatformCloud Native Runtime Platform
Cloud Native Runtime Platform
 
When Automation Keeps Your T-shirt Clean
When Automation Keeps Your T-shirt CleanWhen Automation Keeps Your T-shirt Clean
When Automation Keeps Your T-shirt Clean
 
Securing Container-Based Applications at the Speed of DevOps
Securing Container-Based Applications at the Speed of DevOpsSecuring Container-Based Applications at the Speed of DevOps
Securing Container-Based Applications at the Speed of DevOps
 
Continuous Testing- A Key Ingredient for Success in Agile & DevOps
Continuous Testing- A Key Ingredient for Success in Agile & DevOpsContinuous Testing- A Key Ingredient for Success in Agile & DevOps
Continuous Testing- A Key Ingredient for Success in Agile & DevOps
 
AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...
AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...
AWS Meetup: Career Day 2019 - Lightning Talk with Cloud Career Path: DevOps E...
 
Getting Security in the Loop: Building Balanced Teams
Getting Security in the Loop: Building Balanced TeamsGetting Security in the Loop: Building Balanced Teams
Getting Security in the Loop: Building Balanced Teams
 
Girls Can Do IT!
Girls Can Do IT!Girls Can Do IT!
Girls Can Do IT!
 
What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...
What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...
What Does it Take to Deliver a Solution to Process Over $2B in Loans from Inc...
 
Getting Fancy: Creating A Partnership With Your CEO for the Digital Era
Getting Fancy: Creating A Partnership With Your CEO for the Digital EraGetting Fancy: Creating A Partnership With Your CEO for the Digital Era
Getting Fancy: Creating A Partnership With Your CEO for the Digital Era
 
Revolutionising IT Agility
Revolutionising IT AgilityRevolutionising IT Agility
Revolutionising IT Agility
 
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
 
The Business Benefits of GitOps
The Business Benefits of GitOpsThe Business Benefits of GitOps
The Business Benefits of GitOps
 
Developer Marketing: Building Experiences
Developer Marketing: Building ExperiencesDeveloper Marketing: Building Experiences
Developer Marketing: Building Experiences
 
Agile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar Venugopalan
Agile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar VenugopalanAgile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar Venugopalan
Agile Tour Pune 2015: Dev-ops- niche or mainstream: Bhaskar Venugopalan
 

Ähnlich wie Modern App Architecture - Microservices, API Friendly

Enable and Secure Business Growth in the New Application Economy
Enable and Secure Business Growth in the New Application Economy Enable and Secure Business Growth in the New Application Economy
Enable and Secure Business Growth in the New Application Economy
CA Technologies
 
Controller and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API ManagementController and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API Management
NGINX, Inc.
 
F5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application DelieveryF5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application Delievery
stkannan1
 
Prevent threats With Analytics Driven Web Application Firewall
Prevent threats With Analytics Driven Web Application FirewallPrevent threats With Analytics Driven Web Application Firewall
Prevent threats With Analytics Driven Web Application Firewall
Avi Networks
 

Ähnlich wie Modern App Architecture - Microservices, API Friendly (20)

Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corp
 
Application Security with NGINX | APAC
Application Security with NGINX | APACApplication Security with NGINX | APAC
Application Security with NGINX | APAC
 
Application Security with NGINX
Application Security with NGINXApplication Security with NGINX
Application Security with NGINX
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
 
From Code to Customer with F5 and NGNX London Nov 19
From Code to Customer with F5 and NGNX London Nov 19From Code to Customer with F5 and NGNX London Nov 19
From Code to Customer with F5 and NGNX London Nov 19
 
F5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-CloudF5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-Cloud
 
Enable and Secure Business Growth in the New Application Economy
Enable and Secure Business Growth in the New Application Economy Enable and Secure Business Growth in the New Application Economy
Enable and Secure Business Growth in the New Application Economy
 
Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterprise
 
Controller and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API ManagementController and Coffee: Deliver APIs in Real Time with API Management
Controller and Coffee: Deliver APIs in Real Time with API Management
 
F5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application DelieveryF5 XC Distributed cloud Security and Application Delievery
F5 XC Distributed cloud Security and Application Delievery
 
F5 Distributed Cloud.pptx
F5 Distributed Cloud.pptxF5 Distributed Cloud.pptx
F5 Distributed Cloud.pptx
 
Prevent threats With Analytics Driven Web Application Firewall
Prevent threats With Analytics Driven Web Application FirewallPrevent threats With Analytics Driven Web Application Firewall
Prevent threats With Analytics Driven Web Application Firewall
 
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
 
APIsecure 2023 - Exploring Advanced API Security Techniques and Technologies,...
APIsecure 2023 - Exploring Advanced API Security Techniques and Technologies,...APIsecure 2023 - Exploring Advanced API Security Techniques and Technologies,...
APIsecure 2023 - Exploring Advanced API Security Techniques and Technologies,...
 
Akamai Intelligent Edge Security
Akamai Intelligent Edge SecurityAkamai Intelligent Edge Security
Akamai Intelligent Edge Security
 
EMM and MBaaS: How IT Can Enable Secure App Development
EMM and MBaaS: How IT Can Enable Secure App DevelopmentEMM and MBaaS: How IT Can Enable Secure App Development
EMM and MBaaS: How IT Can Enable Secure App Development
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
What's New at VMware?
What's New at VMware?What's New at VMware?
What's New at VMware?
 
Red Hat Mobile
Red Hat MobileRed Hat Mobile
Red Hat Mobile
 
ciscothousandeyesusecase
ciscothousandeyesusecaseciscothousandeyesusecase
ciscothousandeyesusecase
 

Mehr von DevOps Indonesia

API Security Webinar - Credential Stuffing
API Security Webinar - Credential StuffingAPI Security Webinar - Credential Stuffing
API Security Webinar - Credential Stuffing
DevOps Indonesia
 
API Security Webinar - Security Guidelines for Providing and Consuming APIs
API Security Webinar - Security Guidelines for Providing and Consuming APIsAPI Security Webinar - Security Guidelines for Providing and Consuming APIs
API Security Webinar - Security Guidelines for Providing and Consuming APIs
DevOps Indonesia
 

Mehr von DevOps Indonesia (20)

DevSecOps Implementation Journey
DevSecOps Implementation JourneyDevSecOps Implementation Journey
DevSecOps Implementation Journey
 
DevOps Indonesia X Palo Alto and Dkatalis Roadshow to DevOpsDays Jakarta 2022
DevOps Indonesia X Palo Alto and Dkatalis Roadshow to DevOpsDays Jakarta 2022DevOps Indonesia X Palo Alto and Dkatalis Roadshow to DevOpsDays Jakarta 2022
DevOps Indonesia X Palo Alto and Dkatalis Roadshow to DevOpsDays Jakarta 2022
 
Securing an NGINX deployment for K8s
Securing an NGINX deployment for K8sSecuring an NGINX deployment for K8s
Securing an NGINX deployment for K8s
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systems
 
DevOps Indonesia Meetup #52 - announcement
DevOps Indonesia Meetup #52 - announcementDevOps Indonesia Meetup #52 - announcement
DevOps Indonesia Meetup #52 - announcement
 
Dev ops meetup 51 : Securing DevOps Lifecycle - Announcement
Dev ops meetup 51 : Securing DevOps Lifecycle - AnnouncementDev ops meetup 51 : Securing DevOps Lifecycle - Announcement
Dev ops meetup 51 : Securing DevOps Lifecycle - Announcement
 
Securing DevOps Lifecycle
Securing DevOps LifecycleSecuring DevOps Lifecycle
Securing DevOps Lifecycle
 
DevOps Meetup 50 : Securing your Application - Announcement
DevOps Meetup 50 : Securing your Application - AnnouncementDevOps Meetup 50 : Securing your Application - Announcement
DevOps Meetup 50 : Securing your Application - Announcement
 
Secure your Application with Google cloud armor
Secure your Application with Google cloud armorSecure your Application with Google cloud armor
Secure your Application with Google cloud armor
 
DevOps Meetup 49 Aws Copilot and Gitops - announcement by DevOps Indonesia
DevOps Meetup 49 Aws Copilot and Gitops - announcement by DevOps IndonesiaDevOps Meetup 49 Aws Copilot and Gitops - announcement by DevOps Indonesia
DevOps Meetup 49 Aws Copilot and Gitops - announcement by DevOps Indonesia
 
Operate Containers with AWS Copilot
Operate Containers with AWS CopilotOperate Containers with AWS Copilot
Operate Containers with AWS Copilot
 
Continuously Deploy Your CDK Application by Petra novandi barus
Continuously Deploy Your CDK Application by Petra novandi barusContinuously Deploy Your CDK Application by Petra novandi barus
Continuously Deploy Your CDK Application by Petra novandi barus
 
DevOps indonesia (online) meetup 46 aws with payfazz in devops indonesia - a...
DevOps indonesia (online) meetup 46 aws with payfazz in devops indonesia - a...DevOps indonesia (online) meetup 46 aws with payfazz in devops indonesia - a...
DevOps indonesia (online) meetup 46 aws with payfazz in devops indonesia - a...
 
Securing Your Database Dynamic DB Credentials
Securing Your Database Dynamic DB CredentialsSecuring Your Database Dynamic DB Credentials
Securing Your Database Dynamic DB Credentials
 
DevOps Indonesia (online) meetup 45 - Announcement
DevOps Indonesia (online) meetup 45 - AnnouncementDevOps Indonesia (online) meetup 45 - Announcement
DevOps Indonesia (online) meetup 45 - Announcement
 
The Death and Rise of Enterprise DevOps
The Death and Rise of Enterprise DevOpsThe Death and Rise of Enterprise DevOps
The Death and Rise of Enterprise DevOps
 
API Security Webinar - Credential Stuffing
API Security Webinar - Credential StuffingAPI Security Webinar - Credential Stuffing
API Security Webinar - Credential Stuffing
 
API Security Webinar - Security Guidelines for Providing and Consuming APIs
API Security Webinar - Security Guidelines for Providing and Consuming APIsAPI Security Webinar - Security Guidelines for Providing and Consuming APIs
API Security Webinar - Security Guidelines for Providing and Consuming APIs
 
API Security Webinar - Hendra Tanto
API Security Webinar - Hendra TantoAPI Security Webinar - Hendra Tanto
API Security Webinar - Hendra Tanto
 
API Security Webinar : Credential Stuffing
API Security Webinar : Credential StuffingAPI Security Webinar : Credential Stuffing
API Security Webinar : Credential Stuffing
 

Kürzlich hochgeladen

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Kürzlich hochgeladen (20)

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

Modern App Architecture - Microservices, API Friendly

  • 1. DevOpsDays Jakarta 2020 Modern App Architecture: Microservices, API Friendly by Andre Iswanto BRI Corporate University, March 12th 2020
  • 2.
  • 3.
  • 4.
  • 5. | ©2019 F5 NETWORKS5 CONFIDENTIAL Modern App Architecture: Microservices, API Friendly Andre Iswanto
  • 6. | ©2019 F5 NETWORKS6 CONFIDENTIAL Three outcomes enterprises expect from digital transformation Customer experience Business agility Digital ROI
  • 7. | ©2019 F57 Applications drive business MOBILE GLOBAL LOGISTICS ERP TODAY
  • 8. | ©2019 F5 NETWORKS8 The Application Landscape Is Transforming 1 F5 State of Application Services Report 2018 2 IDC FutureScape 2019 3 Cisco Global Cloud Index: 2016-2021 Cloud is now DevOps is rising Technology is changing 65% Organizations expanding DevOps methods into larger business by 20212 87% Customers adopting multi- cloud strategies and approaches1 85% New app workload instances that are container-based— 95% by 20213
  • 11. | ©2019 F511 D.T. challenges ORGANIZATIONS MUST RETHINK SECURITY Applications Processes and skills Technology stacks and tools Security How do you deploy and manage a global application security policy? SOURCE: F5 STATE OF APPLICATION SERVICES 2019 REPORT Applications and identities were the initial targets in 86% of breaches. 86%
  • 12. | ©2019 F512 APPLICATION ATTACKS L7 DoS API attacks SQL/PHP Injection Client-side attacks APP INFRASTRUCTURE ATTACKS DDoS Encrypted threats Man-in-the-middle DNS spoofing SOPHISTICATED ATTACKS APT Multi-cloud threats Malicious bots Threat campaigns and malware ACCESS LEVEL ATTACKS Session hijacking Credential theft Brute force Phishing Application threats
  • 13. | ©2019 F513 OWASP API Security 1. HTTPS 2. Access Control 3. JWT 4. API Keys 5. Restrict HTTP Methods 6. Input Validation 7. Validate Content Type 8. Management endpoints 9. Error handling 10. Audit logs 11. Security headers 12. Cross-Origin Resource Sharing (CORS) 13. Sensitive information in HTTP requests 14. HTTP Return Code https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/REST_Security_Cheat_Sheet.md
  • 14. Confidential / Sophisticated Attack on Client Side Magecart-style Attacks Steal PCI and PII Malicious or compromised JavaScript on the webpage (Event Listeners) The JS instructs the browser to make outbound XHR calls to exfiltrate sensitive data SE 14
  • 16. | ©2019 F516 F5 Application Security framework INTELLIGENT SECURITY THREAT SERVICES Risk-based analytics and security stop today's sophisticated attacks. APPLICATION INFRASTRUCTURE SECURITY Security infused into business and application development practices TRUSTED APPLICATION ACCESS Modern authentication with every app and service APPLICATION LAYER SECURITY Common security policies across all multi-cloud apps
  • 17. | ©2019 F5 NETWORKS17 API Gateway
  • 18. | ©2019 F518 BENEFITS • Create and publish multiple APIs, definitions, and configs quickly and easily • Protect apps from DDoS and other attacks while ensuring performance with proactive security features • Get deep visibility into app and API health with per- instance performance monitoring and proactive alerting • Deploy your way in the environment of your choice and leverage your existing technology investments API Management REDUCED COMPLEXITY, INCREASED PERFORMANCE | ©2019 F518 DEFINITION AND PUBLICATION SECURITY TRAFFIC MGMT. (API GW) ONGOING MONITORING AND MAINTENANCE ANALYTICS TO ASSESS API VALUE ONBOARDING (DEV PORTAL) API MANAGEMENT
  • 19. Billing Service Edge API Gateway Billing Service Billing Service Other API /api/other/topup /api/other/user Payment API /api/payment/inquiry /api/payment/payment Paylater API /api/paylater/payment /api/paylater/settlement Payment Service Payment Service Payment Service Service registry Service registry API Security API API Protection Authentication • TLS Termination • API OWASP • Bot protection • DDoS protection • Authentication & Authorization with Oauth 2.0 Attackers Legitimate users {“filter”:”|cat /etc/password“,”order”:” asc”,”limit”:50} {“filter”:”user=marcel“, ”order”:”asc”,”limit”:5 0} API Security & Management
  • 20. | ©2019 F520 Orchestration and Automation
  • 21. | ©2019 F521 The Application Factory THE GROWTH ENGINE OF THE APPLICATION ECONOMY | ©2019 F521
  • 22. | ©2019 F5 NETWORKS22 http://www.itsmacademy.com/content/webinar/SRE%20-%20An%20Enterprise%20Adoption%20Story.pdf
  • 23. | ©2020 F523 CONFIDENTIAL SRE’s 5 Pillars of Success https://en.wikipedia.org/wiki/Site_Reliability_Engineering
  • 24. | ©2019 F5 NETWORKS24 Code to Customer Device fingerprint User identity & behavior Future services CustomerCode API gateway CDNIngress Controller App / web server Load balancer DNSApp Security DDoSFuture services Containers Purpose-built hardware Public cloud Virtual machines Software as a Service Commodity hardware ANY INFRASTRUCTURE Mobile POSLaptop IoT ANY DEVICE PLATFORM CONTROL PLANES BIG-IP NGINX FUTURE VISIBILTY, INSIGHTS & ORCHESTRATION TELEMETRY TELEMETRY
  • 25. | ©2019 F525 Automation lifecycle DEPLOY APP SERVICES BOOTSTRAP ONBOARD MONITORING/ TELEMETRY CHANGE
  • 26. | ©2019 F526 F5 Automation Toolchain CLOUD TEMPLATES DECLARATIVE ONBOARDING EXTENSION APP SERVICES 3 EXTENSION TELEMETRY STREAMING EXTENSION Start BIG-IP instances in public and private clouds Initial configuration of BIG-IP instances Deploy classic and advanced application services on BIG-IP using declarative REST APIs Stream telemetry, events, and logs from BIG-IP to various analytics and logging solutions L4-L7L1-L3 BOOTSTRAP ONBOARD DEPLOY APP SERVICES MONITORING/TELEMETRY
  • 27. | ©2019 F5 NETWORKS27 Secure SDLC
  • 28. | ©2019 F5 NETWORKS28 Summary
  • 30. CI/CD (Continuous Integration Continuous Delivery) Commit Changes Build Image Deploy Development Deploy Application Service Platform (F5 & NGINX) Apps Vulnerabilities Scan Penetration Testing Generate Reports Approval Workflow Deploy Production AS3 Big Data Logging, Application Performance Monitoring & Analytics TS TS HTTPS HTTPS HTTPS DC1 DC2 Controller & Dashboard AS3
  • 31. | ©2019 F5 NETWORKS31
  • 32. | ©2019 F5 NETWORKS32 DevOpsDays Jakarta 2020 Venue Sponsor
  • 33. | ©2019 F5 NETWORKS33 DevOpsDays Jakarta 2020 Platinum Sponsors
  • 34. | ©2019 F5 NETWORKS34 DevOpsDays Jakarta 2020 Gold Sponsors
  • 35. | ©2019 F5 NETWORKS35 DevOpsDays Jakarta 2020 Silver Sponsors
  • 36. | ©2019 F5 NETWORKS36 DevOpsDays Jakarta 2020 University Partners
  • 37. | ©2019 F5 NETWORKS37 DevOpsDays Jakarta 2020 Community Partners
  • 38. | ©2019 F5 NETWORKS38 DevOpsDays Jakarta 2020 Media Partners
  • 39. | ©2019 F5 NETWORKS39 Stay Connected @IDDevOps @IDDevOps @IDDevOps DevOps Indonesia DevOps Indonesia DevOps Indonesia
  • 40. | ©2019 F5 NETWORKS40 THANK YOU ! Alone We are smart, together We are brilliant