Developer Newsletter - March 2024

Romana Vasyleha

We're live on Product Hunt 🚀

Support us on Product Hunt and get $25 of Pangea credits

Our Passkeys feature for AuthN is live on Product Hunt today. We would really appreciate your support with it – come join the conversation and help us get to #1 Product of the Day!

Support us on Product Hunt

🥇 Securathon Showdown

Our Securathon (Security Hackathon) is now open!! For all you devs out there, this is a great opportunity to build your security skills using Pangea APIs and win up to $3,000 USD in cash.

What we’re looking for:

A URL to a functional demo application built using Pangea APIs.
A URL to a code repository for your project.
A demo video of your project

Read the detailed instructions and register here

You have until Apr 29, 2024 to get your submissions in!

🆕 Product Updates

AuthZ Beta

Authorization is one of the most powerful but underused tools in most apps. With our new AuthZ Beta, you can start with simple Role-based Access Control (RBAC), introduce relationships between resources, and build into a full Relationship-based Access Control (ReBAC) or stop anywhere along that path. Get started now and let us know what you think.

Secure Share Beta

Secure Share API offers secure file sharing with encryption via Vault keys and password-protected files, allowing document organization, authenticated share-links, and restrictions on file types and sizes. It’s also integrated with File Scan to block malware. Check out the Beta today.

File Scan on GCP

The File Scan service is now generally available on organizations provisioned on GCP. This service allows a user to upload file objects and execute a malware scan using either Crowdstrike or ReversingLabs as the provider. File scanning is different from File Intel in that scanning uses static analysis engines against the file object to determine the intent and capabilities of that file object, whereas File Intel can only tell you the reputation of a previously known file.

Sanitize Beta

The Sanitize API helps you handle documents safely without worrying about whether they are malicious, contain dangerous URLs or harmful embedded content, or contain exploitable file format irregularities. Integrating with Redact to ease your mind about PII disclosure and compliance with regulatory standards such as HIPAA. Integrate with Secure Share for easier storage, organization, and secure document sharing. Try the Beta now!

To keep up with all of the changes and updates on the platform, visit our change log.

👇 Pango's Picks

New discourse community

If you haven’t joined us on our new community platform, what are you waiting for? In this new forum, we post product updates, answer questions, and take feedback, and everything is documented so that you can easily find answers to FAQs. We value feedback from each and every one of you.

Add "Login with Passkeys" to your React.js app in < 2 mins

Passkeys, passkeys, passkeys! Everyone's talking about them. With Amazon rolling out passkeys last year and Google encouraging users to make them the default authentication method, it raises the question: How do I add them to my app?

SAML Explained: The Foundation of Secure Authentication

As businesses and organizations expand their online presence, the need for robust authentication mechanisms becomes more crucial. This is where SAML (Security Assertion Markup Language) steps in as a fundamental tool in the realm of identity and access management. Explore what SAML is, its key features, and when it should be used to enhance security and streamline authentication processes.

📚 Secure by Design Education Hub

Developers of all levels can grow their security knowledge and keep up with all the latest in cybersecurity.

Secure by Design: An introduction for developers

Secure by Design is a set of principles and approaches, rapidly gaining public interest, promoted by a large international coalition of respected government agencies. This puts security at the forefront through practices such as applying security at every stage of the SDLC. There are large benefits to this for software developing organizations, developers, and users. This article introduces Secure by Design and describes its importance.

Creating and Running Secure by Design Software

Explore Secure by Design software development, emphasizing early and continuous security integration in the SDLC. Highlights include best practices from NIST's SSDF and OWASP's ASVS, focusing on secure coding and development lifecycle security, to foster resilient and trustworthy software.

The Developer’s Case for Secure by Design

In today’s ever-evolving threat landscape, where cyberattacks are becoming more sophisticated, there is a crucial aspect to consider: security. This article outlines the tangible benefits of Secure by Design for app developers (e.g., reduced security risks, lower costs, improved efficiency, boosted customer trust, increased opportunities), discusses the benefits of earlier security, and briefly outlines today’s app threat landscape.

📅 Upcoming Events

MFA Livestream

Mar 28 - 12:00 PM PST

Join our Dev Advocate Pranav Shikarpur and Product Manager Keith Casey on a LinkedIn Live stream about MFA, Passkeys and more.

Pranav @ OWASP BASC

Apr 6

Join our dev advocate, Pranav Shikarpur at OWASP BASC 2024 Conference where he will discuss building secure LLM apps and staying compliant in the ever-evolving world of generative AI.

Visit us at AWS Community Day

April 12

The AWS Community Day features expert-led talks, technical workshops, hands-on labs, and networking opportunities with industry leaders and fellow enthusiasts from around the globe.

Keith on a Panel for Ambassador Labs

Apr 18 - 1 PM EST

Save your spot to join Keith Casey to celebrate API month at the API Management Panel Tech Talk

Keith @ PHPTek Chicago

April 24th

Keith Casey at PHP[Tek] speaking on OAuth and Cloud Design Patterns

Hosting RSA Happy Hour

May 7th, 2024 - 4:30pm

If you will be at RSA conference May 6-9 make sure to sign up for our free Happy Hour we are hosting with Reach Security

Check out all news & events on our website here