Developer Newsletter - December 2023

Romana Vasyleha

🎉 Redefining Security in 2023 and Beyond!

“Wow, what a year! As I reflect on 2023, I’m so proud of what the team at Pangea has accomplished. Looking back at all of the product launches, awards, and events that filled our year, I can't help but feel gratitude for our incredible team, and for the unwavering support of our community. Together, we've achieved some truly remarkable things.”

- Oliver Friedrichs, Pangea CEO

Read the recap

🤲 Help us help you!

We invite you to a short 1-2 minute survey to help us understand what Pangea services you are currently using. Please share your feedback on what’s going well and where the Pangea platform can improve. Your contribution is immensely appreciated, and it plays a crucial role in our continuous effort to create great developer solutions that help your organizations build applications that are secure by design.

Take the survey

🆕 Product Updates

👀AuthZ: Private Beta

Our AuthZ service is now available upon request! With Pangea’s AuthZ service, you can embed authorization into any app starting with simple roles, extending into fine-grained access control, and soon annotating with real time attributes. We’d love to see what you build and understand

📄Secure Object Store

Secure Object Store (SOS) is available as private beta (contact Bruce McCorkendale). SOS is a file and object store for application developers to upload information, request sensitive data from customers, and securely share data with customers. SOS uses Vault managed keys to encrypt all objects in the store on top of the default encryption of the underlying cloud block storage (AWS S3 or Google Cloud Storage). SOS encryption can use developer supplied keys, and individual files can be encrypted with a password that is never stored and is required for local decryption. Developers can use SOS to organize documents and files into folders and to create email/SMS TOTP or password authenticated upload and download share-links for receiving and sending files. Share-links are always authenticated (secured by email, phone, or password), so there is no risk of unauthenticated share-links. SOS can optionally restrict the types and sizes of files that will be accepted. SOS is integrated with File Scan to prevent storage of anything detected as malware from being stored. The Pangea SOS API allows you to add powerful and secure document management into your application with minimal code, and no infrastructure management.

🔎AuthN + Intel

Embedding our threat intelligence services directly into AuthN gives you control to block bad actors without interrupting your legitimate users. Now you can use Embargo, IP Intel, and Domain Intel to control access by geography, VPN status, and even IP and domain reputation. Visit Security Controls on your Pangea User Console to activate it now.

👇Pango’s Picks

🔒 An easy way to make your network automation secure!

“Infrastructure automation projects frequently involve including and managing user credentials, user IDs, telephone numbers, and email addresses for both employees and often for external business contacts. Identifying if the user account information was previously breached can improve the security posture during onboarding.” - Read article written by guest author Joel King

🌐Using IPs, Domains, and Geolocation to secure your Authentication

When I say “secure authentication,” what comes to mind? You probably think of SSL, password policies, and MFA. Those are a good starting point but what if we could look into the authentication request itself? What if we could use that request context - the IP address, geolocation, and even the user’s information - to apply additional security in front of our application in real-time?

📽️ Pangea @ThatConference: Interview with Tejas Kumar

Listen in to Tejas Kumar answering some questions from our Dev Advocate, Vanessa Villa while at THAT Conference! They chat about his keynote, inspirational figures, and the realities of shipping code!

📚 Secure by Design Education Hub

Developers of all levels can grow their security knowledge and keep up with all the latest in cybersecurity.

Developing Secure by Design Apps: A comprehensive view

Achieving Secure by Design for an app (including all its essential components and infrastructure) does not happen by accident. It requires a comprehensive approach to security and changes to the current typical practice. Read this article for critical insights on how this should be done.

Secure Audit Logging: An overview

In this article we provide an overview of secure audit logging, an important security measure to employ. Read this article to learn about the following:

What secure audit logs are and different types of logs.
The uses of audit logs and why they are useful for you to have.
Briefly, why you need secure audit logs, explaining the importance, and challenge of having full integrity logs.

🤝 Upcoming Events

CSA & ISSA Security 2024 Q1 Event: Jan 18

CPO, Rob Truesdell, will be presenting “Your mission: Build an inherently secure app” at this educational event. The Cloud Security Alliance (CSA) Southwest is a world-leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

THAT Conference TX: Jan 29 - 31

Developer Advocate, Vanessa Villa, will be giving a talk on what “Shift Left of Left" Security is all about and why you should prioritize it in your software practices. She’ll wrap the presentation by applying some of the concepts in a demo app that participants can also follow along with and walk through the Secure by Design implementation.

Product Manager, Keith Casey, will also be presenting on the new constraints and capabilities the cloud gives us, exploring three architectural Cloud Design Patterns - Circuit Breaking, the Strangler, and Pub/Sub - to make systems more reliable, more maintainable, and probably cheaper to run.