Traefik Labs updates address rising Kubernetes adoption and API management

Traefik Labs has unveiled product updates that address the escalating adoption of Kubernetes and the crucial role of API management in modern digital infrastructure.
The updates include a Kubernetes-native API gateway, integration of a Web Application Firewall, and advanced API management capabilities that improve governance and security.
Traefik Labs introduced Traefik Hub API Gateway, engineered to provide a native Kubernetes experience, while providing ease of use that is a hallmark of Traefik products, along with streamlined integration with existing infrastructure, and a simplified transition for those scaling from Traefik Proxy open source to a fully-featured, production-grade API gateway product.
This new offering complements Traefik Enterprise API Gateway, which addresses a broad spectrum of use cases and continues to deliver unparalleled flexibility and compatibility across multiple orchestrators that include HashiCorp Nomad, Azure Service Fabric, Docker Swarm, and Kubernetes.
Recognizing the complementary strengths of API gateways and WAFs, Traefik Labs has taken a pioneering step towards fortifying API security with an innovative integration.
The company has introduced the capability to incorporate a WAF directly at the API Gateway layer.
This approach enhances runtime protection and establishes a comprehensive security posture that is resilient against a wide array of cyber threats.
Available to users of Traefik Proxy v3 open source, this innovation integrates two OWASP projects: Coraza WAF and the Core Rule Set.
This initial release lays the foundation for future enhancements and signifies Traefik Labs' commitment to aligning with the evolving PCI DSS v4.0 standards.
With WAF transitioning from a best-practice to a PCI DSS compliance requirement by March 2025, Traefik Labs is not only ahead of the curve but is also setting a new standard in API security, ensuring that organizations are well-equipped to face the cyber challenges of today and tomorrow.
By scrutinizing incoming traffic to block malicious requests before they can exploit any vulnerabilities, WAFs have been instrumental in safeguarding web applications and APIs, particularly excelling in thwarting older, yet persistently dangerous attack methods such as injection and security misconfigurations.
Traefik Labs introduced advanced API management capabilities that enhance API governance and security through precise access control mechanisms to guard against continual threats of data breaches and the potential for extended downtimes due to API misuse.
With this update, users gain the ability to define access through methods, paths, and regex expressions for HTTP-based web applications.
This level of fine-grained control is critical as digital ecosystems grow more interconnected, and the need to mitigate risks associated with data breaches becomes increasingly vital.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Tue, 19 Mar 2024 14:13:05 +0000


Cyber News related to Traefik Labs updates address rising Kubernetes adoption and API management

Traefik Labs updates address rising Kubernetes adoption and API management - Traefik Labs has unveiled product updates that address the escalating adoption of Kubernetes and the crucial role of API management in modern digital infrastructure. The updates include a Kubernetes-native API gateway, integration of a Web ...
8 months ago Helpnetsecurity.com
Auditing Kubernetes with Open Source SIEM and XDR - Container technology has gained traction among businesses due to the increased efficiency it provides. In this regard, organizations widely use Kubernetes for deploying, scaling, and managing containerized applications. Organizations should audit ...
1 year ago Thehackernews.com
Rootkit Turns Kubernetes from Orchestration to Subversion - As software development focuses on continuous integration and deployment, orchestration platforms like Kubernetes have taken off, but that popularity has put them in attackers' crosshairs. Most successful attacks - at least those publicly reported - ...
1 year ago Darkreading.com
Protecting against new Kubernetes threats in 2024 and beyond - A wave of new attacks targeted Kubernetes in 2023: Dero and Monero crypto miners, Scarleteel and RBAC-Buster. Finding an initial foothold with a web app vulnerability, then moving laterally is the hallmark of a Kubernetes attack. Understanding the ...
11 months ago Venturebeat.com
Defining Good: A Strategic Approach to API Risk Reduction - A good API security strategy starts with a well thought out API security posture governance program that spans from design to deployment. That standard, if communicated and enforced effectively, will not only positively affect how a developer designs ...
10 months ago Securityboulevard.com
XM Cyber Launches Kubernetes Exposure Management to Intelligently Protect Critical Container Environments - PRESS RELEASE. HERZLIYA, Israel, Nov. 29, 2023 /PRNewswire/ - XM Cyber, the leader in hybrid cloud exposure management, today announced new capabilities that provide complete and continuous visibility into risks and vulnerabilities in Kubernetes ...
1 year ago Darkreading.com
Salt Security Delivers API Posture Governance Engine - PRESS RELEASE. PALO ALTO, Calif., Jan. 17, 2024 /PRNewswire/ - Salt Security, the leading API security company, today announced multiple advancements in discovery, posture management and AI-based threat protection to the industry leading Salt ...
10 months ago Darkreading.com
Imperva Named an Overall Leader in the KuppingerCole Leadership Compass: API Security and Management Report - We're thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management report. A notable achievement is being recognized as one of the few non-gateway-first ...
11 months ago Imperva.com
Kubernetes Vulnerability Let Attackers Take Full System Control - A new vulnerability, CVE-2023-5528, has been discovered with Kubernetes. This vulnerability is associated with a command injection vulnerability that leads to remote code execution with SYSTEM-level privileges on the compromised Windows node. The ...
8 months ago Gbhackers.com
The Kubernetes Cost Features You Need in 2024 - In the rapidly evolving Kubernetes ecosystem, managing costs effectively is as critical as ensuring operational efficiency. To make the most of your shift to cloud native technologies in 2024, you need a roadmap to Kubernetes cost optimization, ...
11 months ago Securityboulevard.com
That time I broke into an API and became a billionaire - This included an internal API with a dependency on a third-party banking API. We'll get to the banking API later in this story. That's all thanks to developers embracing agile development, microservices, and API gateway redirection that exposed ...
11 months ago Securityboulevard.com
Unified API Protection - A massive segment of organizations' digital footprint today is built around internal and external APIs. As more IT leaders realize and acknowledge the size of APIs' influence, it's become clear that new methods are needed to secure those APIs. While ...
1 year ago Cequence.ai
Dual Privilege Escalation Chain: Exploiting Monitoring and Service Mesh Configurations and Privileges in GKE to Gain Unauthorized Access in Kubernetes - While each issue might not result in significant damage on its own, when combined they create an opportunity for an attacker who already has access to a Kubernetes cluster to escalate their privileges. If an attacker has the ability to execute in the ...
11 months ago Unit42.paloaltonetworks.com
Patch Now: Kubernetes RCE Flaw Allows Full Takeover of Windows Nodes - A security bug in the widely used Kubernetes container-management system allows attackers to remotely execute code with System privileges on Windows endpoints, potentially leading to full takeover of all Windows nodes within a Kubernetes cluster. ...
8 months ago Darkreading.com
Vulnerability prioritization in Kubernetes: unpacking the complexity - One particularly significant aspect to consider is vulnerability prioritization. We'll explore practical prioritization strategies tailored to Kubernetes and discuss the significance of effective vulnerability patching. A vulnerability in a pod that ...
11 months ago Securityboulevard.com
Kubernetes DaemonSet: Monitoring in Kubernetes - That's why it makes sense to collect logs from every node and send them to some sort of central location outside the Kubernetes cluster for persistence and later analysis. A DaemonSet in Kubernetes is a specific kind of workload controller that ...
11 months ago Feeds.dzone.com
5 open-source tools for pentesting Kubernetes you should check out - Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a critical part of the infrastructure for many organizations. With its ...
11 months ago Helpnetsecurity.com
Unified Endpoint Management: What is it and What's New? - What began as Mobile Device Management has now transitioned through Mobile Application Management and Enterprise Mobility Management to culminate in UEM. This progression underscores the industry's response to the ever-growing challenges of modern IT ...
11 months ago Securityboulevard.com
Multiple Flaws in Google Kubernetes Engine - Google Kubernetes Engine has been detected with two flaws that a threat actor can utilize to create significant damage in case the threat actor already has access inside the Kubernetes cluster. The first issue was associated with FluentBit with ...
11 months ago Gbhackers.com
Helm: Simplifying Kubernetes Deployments - As a Kubernetes package manager, Helm greatly streamlines and simplifies deployment processes. In this article, we will delve deeply into Helm and explore how it facilitates the easier management of Kubernetes deployments. Templates: Helm uses ...
10 months ago Feeds.dzone.com
What do CISOs need to know about API security in 2024? - According to Postman's 2023 State of the API Report, roughly 66% of participants indicated that their APIs contribute to generating revenue. A recent ESG survey on API security showed that 92% of organisations using APIs have experienced a breach in ...
11 months ago Cybersecurity-insiders.com
API Gateways and API Protection: What’s the Difference? - Security Boulevard - At the security level, API security tools and gateways provide different controls to protect APIs from various threats. API protection – or API security – refers to a comprehensive set of security capabilities designed to protect APIs from a wide ...
2 months ago Securityboulevard.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Optimizing API Lifecycles - In this article, we will delve into the intricacies of optimizing API lifecycles-an essential aspect for product managers navigating the dynamic landscape of digital integration. From conceptualization to retirement, understanding and implementing ...
11 months ago Feeds.dzone.com
Apple Releases Updates for Older Devices in 2021 - Apple released updates to many of its older devices in 2021, including the iPhones, iPads, and Macs. The updates are to address security vulnerabilities that were discovered in the company's older devices. Apple has previously released several ...
1 year ago Thehackernews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)