Back to Blog

Developer Newsletter - February 2024

Romana Vasyleha
Romana Vasyleha

👥 Join our community in our new home!!

👉 https://community.pangea.cloud/

We’ve created a new place for all of you to ask questions, submit feature requests, showcase projects, and help each other out! Slack has been great for our early community activity but we’re moving over to a proper forum to scale up what we do in our community. In our new channel, you’ll be able to:

  • easily search for answers to commonly asked questions

  • check out how others have been applying Pangea in their projects and applications

  • find inspiration in how others are applying Pangea services in new and interesting ways.

When you join the community, please introduce yourself in the “Introduction” category so that we can all learn more about each other!


🆕 Product Updates

🔗 SAML Authentication for Single Sign-On (SSO)

With this AuthN update, we’ve added SAML as an authentication option for seamless Single Sign-On with any enterprise Identity Provider (IDP). Using SAML creates a strong connection between your existing security configuration and downstream applications, creating benefits like enhanced security and compliance, efficient user management, and a streamlined user experience.

🔄 User Import

A key part of moving to an Identity Provider is painlessly migrating users without sending mass password reset emails annoying users. With our new User Import capabilities, you can export from your own user store and import directly to Pangea allowing your users to complete onboarding at their pace at their next login.

🔑 WebAuthn / Passkeys

With this release, we’re excited to announce General Availability of Passkeys for all accounts. Passkeys are a replacement for passwords and are a standard-based technology protected by the biometrics or PIN of your device. Unlike passwords, they are resistant to phishing, are always strong, and are designed so that there are no shared secrets. They simplify account registration for apps and websites. They are faster to sign in with, easier to use, and much more secure.

🛡️ Import Hashed Passwords

Onboarding your users is the hardest part of changing Identity Providers. With Pangea’s new Hashed Password Import capability, you can import your users with their existing passwords seamlessly. At their next authentication, they’ll be prompted for a new password and their account will be activated in seconds.

📊 Integrated Service Auditing

With Integrated Service Auditing, we have extended our AuthN service to leverage our Secure Audit Service to capture every significant event within AuthN. Now you can determine who attempted to log in when, what MFA options they used, and the result of the attempt. This is a key capability for AuthN to improve debugging, compliance, and overall auditing of the system as a whole.

To keep up with all of the changes and updates on the platform, visit our change log.


👇 Pango’s Picks

A Guide to Choosing a Secure Vault for Your Application Secrets and Keys

So you’ve decided to throw away those .env files with all your app secrets and move to a more secure option. Well first off, congratulations 🎉, you’re on your way to evading cyber attacks involving exposed secrets! Read on to learn more…

Integrate an Audit Trail for NextAuth.js in a few lines of code

In a world where hackers are trying to brute force user accounts (23andMe breach 2023) and session tokens are being stolen (OKTA breach 2023) to impersonate authenticated users and run critical user actions, it is highly important for developers to maintain a tamper-proof audit log of all authentication events to keep their apps secure.

Where is the incentive for devs to add security?

Check out this short reel covering a discussion between our dev advocates.


💻 New on our site!

Homepage redesign

Have you checked out our home page’s refreshed design? ✨ Let us know what you think about the update!

Financial Use Case

If you’re building a fintech or financial services app, you're in luck! 🌟🏦📱 We developed a comprehensive guide explaining how you can accelerate security, compliance, and growth with our essential security building blocks. Check it out!

SiteMana Case study

We're thrilled to share our new case study, highlighting SiteMana's integration of Pangea's IP Intel and Domain Intel security services into its AI-powered email marketing platform. This partnership exemplifies our efforts in providing clean and safe data to your customers.

ESG report landing page

Did you know there is research behind why building Secure by Design applications is important? Read this report developed by the Enterprise Strategy Group that dives into the stats behind the application security industry.

Pricing page

We made it easier for you to see how our payment system works. Choose how much you are using each service and we’ll tell you how much it costs (the beauty of pay-as-you-go).


📚 Secure by Design Education Hub

A Taxonomy of Practices for Secure by Design Apps

There are many practices involved in fully embracing Secure by Design, but there has been little in the way of an actionable list of what app developers and their organizations should do to achieve it. Thus we set out to resolve that through this taxonomy and the various articles on the Secure by Design Education Hub.

Secure by Design Organization Considerations

Embracing Secure by Design is not just about building more secure apps, it is about building trust. As you implement it, there are real benefits for both your organization and your customers. This requires certain cultural elements. The benefits, including reduced security risks, increased customer trust and brand reputation, and increased opportunities, should outweigh any needed initial investment.


📅 Upcoming Events

In March we will be announcing our next exciting hackathon with Devpost! We can’t tell you all the details yet but you will love the new story format and will have 30 days to get your submissions in. Make sure you follow us on social and our new forum to get the details first!

📅 Past Events

THAT Conference - Pangea at THAT: Texas Edition

At the end of January, Pangea was at THAT Conference Texas edition. Keith Casey and Vanessa Villa presented on “Cloud Design Patterns” and “Secure by Design and what that means in practice”. Read the recap with their thoughts on our blog!

Vanessa at DevWeek

Last week, Dev Advocate Vanessa Villa was at #DevWeek2024 to present “The New Developer Dance". Her presentation focused on why "Shift Left of Left" Security is key in software dev.


🧑‍💻We’re hiring!

We’re growing. Here are some roles we are hiring for!

Enterprise AE | East Coast

Product Marketing

For more openings, view our careers page!

Thats it for this month. Thanks for tuning in!

The Pangea Team

Get updates in your inbox and subscribe to our newsletter

background landmass

We were recognized by Gartner®!

Pangea is a Sample Vendor for Composable Security APIs in the 2024 App Sec Hype Cycle report