Loadbalancer proud to announce ISO 27001:2022 compliance with NQA certification
Loadbalancer is proud to announce that it is now formally ISO 27001 compliant, cementing our position as a market-leader in Application Delivery solutions.
Loadbalancer is proud to announce that it is now formally ISO 27001 compliant, cementing our position as a market-leader in Application Delivery solutions.
Loadbalancer is proud to announce that it is now formally ISO 27001 compliant, cementing our position as a market-leader in Application Delivery solutions.
We all want to protect ourselves from cyberattacks, and any tool that can help us proactively monitor our networks and systems has got to be a good thing, right?
Here is another example of a more “exotic” Stunnel configuration. Most people, and rightly so, will ask “but why?”. Well, because we can!
With mTLS, the client is required to present its certificate to the server (and visa versa). Hence mutual certificate authentication occurs. This double layer of authentication provides an additional layer of protection against impersonation attacks.
TLS/SSL encryption of your HTTPS data brings a number of significant benefits, leading to a trusted user experience.
We've had a few concerned customers asking about the Google disclosure of the recent huge DDoS attack, and the potential underlying vulnerability in some HTTP/2 servers.
SSL/TLS termination is the most regularly implemented kind of SSL/TLS offload.
Data protection is focused on making sure that data remains available and immutable — even after a cybersecurity attack, or system failure. This prevents data loss and facilitates data recovery.
For Enterprise 8.9, Loadbalancer.org added a new SSL Terminator for HAProxy, allowing for mutual Transport Layer Security (mTLS) configurations.
If you're thinking about giving mTLS a go, why not try it for yourself by following the steps below.
Enhanced visibility for more efficient and secure ADC management.
There seems to be a lot of confusion about the role of a Web Application Firewall (WAF) in application security, and what types of threat a WAF can help mitigate in your deployment.
TLS encryption (formerly known as SSL encryption) is used to improve the safety of data exchanged over a network. But where should it sit in your network architecture?
Some network engineers think that Web Application Firewalls (WAFs) are so complicated, they've been known to run away and hide for days when they've encountered one.
The talk of the town at InfoSec 2023 was the evolving cyber security battleground, and the practical steps organizations might take in order to mitigate some of these threats.
The ModSecurity web application firewall (WAF) engine is set to go end-of-life (EOL) on 1 July 2024.
You need a clear, comprehensive view of your entire load balancing estate to maintain control and security.
It can sometimes be useful to make load balancing decisions based on the time and date. This allows you to conditionally refuse or redirect connections based on the time they're received.
There are two schools of thought on this: ‘yes, it should’ and ‘no, it shouldn't’. Let's look at the arguments both for and against.
Here's what we learned from crAPI about API security, and how a Web Application Firewall (WAF) can help you take things one step further.
Getting on board with zero trust is the easy part. Actually applying these principles to your architecture is less black and white.
I had the privilege of speaking in Dublin at this year's OWASP Core Rule Set Community Summit before then attending OWASP Global AppSec immediately afterwards.
We'd all rather prevent a disaster than have to live with the consequences of one.
Sometimes, we need to pass unusually large HTTP requests through our WAF stack.
A while ago I was asked if it would be possible to apply some general rate limiting in HAProxy and the WAF, in order to help prevent DOS-style attacks on a customer's servers.