SlideShare a Scribd company logo

Protect against threats with bullet-proof integration | MuleSoft

Download as PPTX, PDF
MuleSoft
MuleSoft

To watch the webinar, please visit: http://www.mulesoft.com/webinars/protect-threats-bullet-proof-integration Enterprise integrations running across trust boundaries demand robust security solutions. Mule Enterprise Security enables end-to-end protection of your integration ecosystem. Join Reza Shafii, Director of Product Management at MuleSoft, to better understand how our enterprise-grade security solution can help you: Block unauthorized access to your systems Eliminate exposure of sensitive data and information Prevent attacks through proactive threat management Presenter: Reza Shafii, Director of Product Management, MuleSoft Inc.

Technology
1 of 13
Mule Enterprise Security Presenter: Reza Shafii, Director of Product Management MuleSoft, @mulesoft, @cloudhub
Agenda Introducing Mule Enterprise Security Drill-down into – Mule STS OAuth 2.0 Provider – Mule Credential Vault – Mule Security Filter Processors Brief Overview of other New Mule Enterprise Security Features Wrap-up and Q&A All contents Copyright © 2011, MuleSoft Inc. 3
Mule Enterprise Security - Benefits 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 - Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 4
Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 5
Mule STS OAuth 2.0 Provider - Why Protect your APIs Application End-Users with OAuth Applications (OAuth Clients) Enables credentials Mobile Apps Web Apps Mule Cloud Connector Apps to only be shared with a single, OAuth Protected central entity APIs Exposed by Mule Application (OAuth Service Provider) All contents Copyright © 2011, MuleSoft Inc. 6
Mule STS OAuth 2.0 Provider - What Mule can act as an OAuth 2.0 provider OAuth element protects flow Supports for all OAuth 2.0 grant types Supported end-points – HTTP/S, Jetty, Servlet, Web Services All contents Copyright © 2011, MuleSoft Inc. 7
Mule Credential Vault - Why Access external end-points without exposing their access credentials – Store credentials in encrypted format All contents Copyright © 2011, MuleSoft Inc. 8
Mule Credential Vault - What Encrypt content of Mule application property files Mule Studio provides property value encryption tool Values decrypted upon access from Mule Flows All contents Copyright © 2011, MuleSoft Inc. 9
Mule Security Filter Processors - Why Whitelist a specific set or range of IP addresses Enable expiry policy using message time-stamp All contents Copyright © 2011, MuleSoft Inc. 10
Mule Security Filter Processors - What Use Mule security filter processors to – Set filtering needs and parameters Support for – IP filtering (single, range, and CIDR) – Message expiry filtering All contents Copyright © 2011, MuleSoft Inc. 11
Mule Enterprise Security – Features Overview Feature Description Mule Secure Token Enables a Mule server to act as an OAuth Service (STS) – 2.0 authentication provider to protect OAuth 2.0 Provider specific mule flows. Mule Credential Vault Encrypt sensitive values (e.g. passwords) in your Mule message flows. Mule Security Filter Allow filtering of messages based on Processors security criteria: IP based and expiry based. Mule Digital Signature Simplifies the signing and verification of Processors XML Signatures within Mule flows. Mule Message Easily encrypt and decrypt sensitive data Encryption Processors in Mule messages. All contents Copyright © 2011, MuleSoft Inc. 12
Mule Enterprise Security 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 – Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 13
Q&A All contents Copyright © 2011, MuleSoft Inc. 15

Recommended

Joint Ariba SAP Roadmap
Joint Ariba SAP RoadmapJoint Ariba SAP Roadmap
Joint Ariba SAP RoadmapSAP Ariba
 
The Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftThe Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftMuleSoft
 
SAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftSAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftMuleSoft
 
IoT architecture
IoT architectureIoT architecture
IoT architectureSumit Sharma
 
The CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationThe CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationMuleSoft
 
Gluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueGluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueMuleSoft
 
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...MuleSoft
 
How to Get Unstuck
How to Get Unstuck How to Get Unstuck
How to Get Unstuck MuleSoft
 

Recommended

Joint Ariba SAP Roadmap
Joint Ariba SAP RoadmapJoint Ariba SAP Roadmap
Joint Ariba SAP RoadmapSAP Ariba
 
The Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftThe Next Wave of Application Architecture | MuleSoft
The Next Wave of Application Architecture | MuleSoftMuleSoft
 
SAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftSAP Integration: Best Practices | MuleSoft
SAP Integration: Best Practices | MuleSoftMuleSoft
 
IoT architecture
IoT architectureIoT architecture
IoT architectureSumit Sharma
 
The CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationThe CIO's Guide to Digital Transformation
The CIO's Guide to Digital TransformationMuleSoft
 
Gluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueGluecon 2017: Metadata is the Glue
Gluecon 2017: Metadata is the GlueMuleSoft
 
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...
Gluecon 2017: API Modelling Framework - A Toolbox for Interacting With API S...MuleSoft
 
How to Get Unstuck
How to Get Unstuck How to Get Unstuck
How to Get Unstuck MuleSoft
 
Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformMuleSoft
 
How API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationHow API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationMuleSoft
 
Microservices on Anypoint Platform
Microservices on Anypoint PlatformMicroservices on Anypoint Platform
Microservices on Anypoint PlatformMuleSoft
 
Applying UX principles and methods to APIs
Applying UX principles and methods to APIs Applying UX principles and methods to APIs
Applying UX principles and methods to APIs MuleSoft
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseMuleSoft
 
Gathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkGathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkMuleSoft
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsMuleSoft
 
Governing and Sharing your Integration Assets
Governing and Sharing your Integration AssetsGoverning and Sharing your Integration Assets
Governing and Sharing your Integration AssetsMuleSoft
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applicationsMuleSoft
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0MuleSoft
 
Troubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformTroubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformMuleSoft
 
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)MuleSoft
 
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)MuleSoft
 
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)MuleSoft
 
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)MuleSoft
 
Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)MuleSoft
 
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardKnow What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardMuleSoft
 
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...MuleSoft
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 

More Related Content

More from MuleSoft

Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformMuleSoft
 
How API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationHow API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationMuleSoft
 
Microservices on Anypoint Platform
Microservices on Anypoint PlatformMicroservices on Anypoint Platform
Microservices on Anypoint PlatformMuleSoft
 
Applying UX principles and methods to APIs
Applying UX principles and methods to APIs Applying UX principles and methods to APIs
Applying UX principles and methods to APIs MuleSoft
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseMuleSoft
 
Gathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkGathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkMuleSoft
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsMuleSoft
 
Governing and Sharing your Integration Assets
Governing and Sharing your Integration AssetsGoverning and Sharing your Integration Assets
Governing and Sharing your Integration AssetsMuleSoft
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applicationsMuleSoft
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0MuleSoft
 
Troubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformTroubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformMuleSoft
 
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)MuleSoft
 
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)MuleSoft
 
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)MuleSoft
 
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)MuleSoft
 
Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)MuleSoft
 
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardKnow What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardMuleSoft
 
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...MuleSoft
 

More from MuleSoft (20)

Product Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint PlatformProduct Vision and Roadmap for Anypoint Platform
Product Vision and Roadmap for Anypoint Platform
 
How API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy ModernizationHow API Enablement Drives Legacy Modernization
How API Enablement Drives Legacy Modernization
 
Microservices on Anypoint Platform
Microservices on Anypoint PlatformMicroservices on Anypoint Platform
Microservices on Anypoint Platform
 
Applying UX principles and methods to APIs
Applying UX principles and methods to APIs Applying UX principles and methods to APIs
Applying UX principles and methods to APIs
 
Secure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterpriseSecure by design: Scaling security across the enterprise
Secure by design: Scaling security across the enterprise
 
Gathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at SplunkGathering Operational Intelligence in Complex Environments at Splunk
Gathering Operational Intelligence in Complex Environments at Splunk
 
CloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment OptionsCloudHub and other Cloud Deployment Options
CloudHub and other Cloud Deployment Options
 
Governing and Sharing your Integration Assets
Governing and Sharing your Integration AssetsGoverning and Sharing your Integration Assets
Governing and Sharing your Integration Assets
 
MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes MuleSoft's Approach to Driving Customer Outcomes
MuleSoft's Approach to Driving Customer Outcomes
 
Designing and building Mule applications
Designing and building Mule applicationsDesigning and building Mule applications
Designing and building Mule applications
 
Object Store
Object StoreObject Store
Object Store
 
Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0Introducing Anypoint Exchange 2.0
Introducing Anypoint Exchange 2.0
 
Troubleshooting Anypoint Platform
Troubleshooting Anypoint PlatformTroubleshooting Anypoint Platform
Troubleshooting Anypoint Platform
 
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
Relevancy in a Rapidly Changing World (Yvonne Wassenaar)
 
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
Leveraging APIs and the Cloud to Transform Veteran Care (Steve Rushing)
 
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
Role of Technology in the Evolution of P&C Insurance (Marcus Ryu)
 
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
Industry Stories: How Application Networks are Delivering Agility (Ross Mason)
 
Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)Agility in the Age of Services and Hyperspecialization (Greg Schott)
Agility in the Age of Services and Hyperspecialization (Greg Schott)
 
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics DashboardKnow What You Don’t Know - ModusBox Presents the Metrics Dashboard
Know What You Don’t Know - ModusBox Presents the Metrics Dashboard
 
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
PetSmart’s eCommerce Modernization: Using APIs To Drive Agility & Omnichannel...
 

Recently uploaded

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Protect against threats with bullet-proof integration | MuleSoft

  • 1. Mule Enterprise Security Presenter: Reza Shafii, Director of Product Management MuleSoft, @mulesoft, @cloudhub
  • 2. Agenda Introducing Mule Enterprise Security Drill-down into – Mule STS OAuth 2.0 Provider – Mule Credential Vault – Mule Security Filter Processors Brief Overview of other New Mule Enterprise Security Features Wrap-up and Q&A All contents Copyright © 2011, MuleSoft Inc. 3
  • 3. Mule Enterprise Security - Benefits 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 - Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 4
  • 4. Mule Enterprise Security All contents Copyright © 2011, MuleSoft Inc. 5
  • 5. Mule STS OAuth 2.0 Provider - Why Protect your APIs Application End-Users with OAuth Applications (OAuth Clients) Enables credentials Mobile Apps Web Apps Mule Cloud Connector Apps to only be shared with a single, OAuth Protected central entity APIs Exposed by Mule Application (OAuth Service Provider) All contents Copyright © 2011, MuleSoft Inc. 6
  • 6. Mule STS OAuth 2.0 Provider - What Mule can act as an OAuth 2.0 provider OAuth element protects flow Supports for all OAuth 2.0 grant types Supported end-points – HTTP/S, Jetty, Servlet, Web Services All contents Copyright © 2011, MuleSoft Inc. 7
  • 7. Mule Credential Vault - Why Access external end-points without exposing their access credentials – Store credentials in encrypted format All contents Copyright © 2011, MuleSoft Inc. 8
  • 8. Mule Credential Vault - What Encrypt content of Mule application property files Mule Studio provides property value encryption tool Values decrypted upon access from Mule Flows All contents Copyright © 2011, MuleSoft Inc. 9
  • 9. Mule Security Filter Processors - Why Whitelist a specific set or range of IP addresses Enable expiry policy using message time-stamp All contents Copyright © 2011, MuleSoft Inc. 10
  • 10. Mule Security Filter Processors - What Use Mule security filter processors to – Set filtering needs and parameters Support for – IP filtering (single, range, and CIDR) – Message expiry filtering All contents Copyright © 2011, MuleSoft Inc. 11
  • 11. Mule Enterprise Security – Features Overview Feature Description Mule Secure Token Enables a Mule server to act as an OAuth Service (STS) – 2.0 authentication provider to protect OAuth 2.0 Provider specific mule flows. Mule Credential Vault Encrypt sensitive values (e.g. passwords) in your Mule message flows. Mule Security Filter Allow filtering of messages based on Processors security criteria: IP based and expiry based. Mule Digital Signature Simplifies the signing and verification of Processors XML Signatures within Mule flows. Mule Message Easily encrypt and decrypt sensitive data Encryption Processors in Mule messages. All contents Copyright © 2011, MuleSoft Inc. 12
  • 12. Mule Enterprise Security 1 - Protect access to your Mule application end-points and the services they access SOA Mobile 2 - Maintain the confidentiality of data used and emitted by your mule flows APIs 3 – Guard your Mule interfaces against SaaS security attacks Integration All contents Copyright © 2011, MuleSoft Inc. 13
  • 13. Q&A All contents Copyright © 2011, MuleSoft Inc. 15

Editor's Notes

  1. Slide 2: Housekeeping items Just a couple of housekeeping items before we get started: This session is being recorded and will be available immediately following the webinarYou can download the slides right now from the “attachments” tabIf you have content or technical questions, please feel free to ask them at any time by typing them into and sending them via the question button above the slides. We will answer questions at the end of the session but please feel free to send over questions as they arise. If we don’t get to your question or if you have any detailed use-case specific questions, you can submit them to our team of experts at tinyurl.com/askmulesoft 
  2. Go over the MES benefitsThen mention the fact that these benefits span solution areas
  3. Safe Access as per OAuth:- Allows you to protect any HTTP based interface for access – usually used for REST APIsTemporary and restricted access – Access is controlled through OAuth tokens which can have an expiry date and limited scope to allow for RBACOften consumed and used by Mobile apps
  4. Key for decrypting the properties is provided as a system property: <secure-property-placeholder:config key="${runtime.property}" location="test.qa.properties"/>./mule -D-Mruntime.propery=mySecretKey
  5. Useful for security gateway scenarios
  6. Go over the MES benefitsThen mention the fact that these benefits span solution areas
  7. Slide 2: Housekeeping items Just a couple of housekeeping items before we get started: This session is being recorded and will be available immediately following the webinarYou can download the slides right now from the “attachments” tabIf you have content or technical questions, please feel free to ask them at any time by typing them into and sending them via the question button above the slides. We will answer questions at the end of the session but please feel free to send over questions as they arise. If we don’t get to your question or if you have any detailed use-case specific questions, you can submit them to our team of experts at tinyurl.com/askmulesoft