In today’s interconnected software landscape, supply chain security has evolved from an afterthought to a mission-critical priority. High-profile incidents, such as the SolarWinds breach, have demonstrated how a single vulnerability can cascade through the entire software development pipeline—affecting everything from code commits to production environments. The consequences of these attacks can be devastating, not only for the businesses targeted but also for their customers and stakeholders, underscoring the urgent need for a proactive, defense-in-depth approach to securing every link in the chain.
Read articleIn today’s interconnected software landscape, supply chain security has evolved from an afterthought to a mission-critical priority. High-profile incidents, such as the SolarWinds breach, have demonstrated how a single vulnerability can cascade through the entire software development pipeline—affecting everything from code commits to production environments. The consequences of these attacks can be devastating, not only for the businesses targeted but also for their customers and stakeholders, underscoring the urgent need for a proactive, defense-in-depth approach to securing every link in the chain.
What is ModSecurity? ModSecurity is an open-source, cross-platform web application firewall (WAF) engine that provides a robust security layer for your web applications. Initially developed for Apache, ModSecurity now supports IIS and Nginx, offering flexible and powerful protection against various web-based attacks. It acts as an intrusion detection and prevention engine, analyzing HTTP traffic and blocking malicious requests before they reach your application. Originally developed and sponsored by Trustwave, it has been transfered to the OWASP foundation earlier this year.
Kubernetes has quickly become the industry standard for managing applications in the cloud. What was once seen as a complex technology is now part of the basics for companies looking to grow and scale their digital operations. These days, setting up a Kubernetes cluster is fairly straightforward, and many teams can get up and running in no time. However, just because it’s easy to set up doesn’t mean it’s always done right.
As an early adopter of Docker, I’ve witnessed its amazing growth from the early days. I started with using Docker Swarm, and in 2018, I even wrote several blog posts on using Docker Swarm and how to use logspout to collect logs from Docker Swarm containers. In those posts, I explained how to deploy a global container on every node in a Swarm mode cluster to forward logs to a remote Logstash endpoint.
This post is about enabling the ModSecurity feature for ingress-nginx in practice.
ModSecurity is an open source web application firewall (WAF). It can help you provide an additional layer of security in front of your application. I will leave the the what and how on usnig a WAF for others to talk about (there quite a few good blog posts available on the web on this topic), and this post will soley focus on enabling the functionality in ingress-nginx.
