Secure by Design Newsletter - Vol. I Issue II

Extend Auth0 log retention to 10 years in under 2 mins!

While Auth0 by Okta offers up to 30 days of log retention, your app likely needs more - often to become compliant with SOC2, HIPAA, and others. Extend Auth0 log retention to up to 10 years with Pangea’s Secure Audit Log and add a cryptographically verifiable, tamperproof audit trail to your app.

With a developer-first API, seamlessly configure extended log retention directly within the Auth0 dashboard, ensuring compliance without disrupting your existing setup

Show me how

🆕 Two New Product Updates

Preserve format & length of encrypted data

Learn how Pangea’s enhanced Vault, featuring Format Preserving Encryption (FPE), solves key pain points in data security and compatibility. FPE allows encrypted data, like phone numbers, to retain their original format, crucial for maintaining data integrity in legacy systems. Vault employs robust 128-bit and 256-bit encryption with certified algorithms, ensuring your data remains secure while adhering to format requirements. Implement this feature today to safeguard sensitive data effectively and stay updated with all platform changes through our comprehensive change log.

Detect threat actors with Password Expiration

With AuthN’s new Password Expiration feature, enforcing password resets is now simplified, enhancing user security with minimal effort and addressing critical challenges faced by enterprise software developers. Combine this capability with Pangea’s User Intel to proactively identify and resolve potential security breaches before they escalate. Follow our detailed guide to seamlessly integrate these enhancements into your applications and bolster your security measures.

To keep up with all of the changes and updates on the platform, visit our change log.

👇 Pango's Picks

A Security Checklist for Enterprise-ready Apps

Minimum Viable Secure Product (MVSP) is a list of essential application security controls that should be implemented for enterprise-ready products and services. Pangea is excited to have recently joined the working group to contribute Secure by Design values and principles.

Use this concise checklist to verify the security of systems and services during self-assessments, procurement, or SDLCs and get actionable results fast.

📚 Secure by Design Education Hub

Mastering Secure Credential Management: A Developer's Guide

Safeguarding sensitive credentials such as API keys and database passwords is crucial to prevent data breaches and unauthorized access. Developers must adopt a robust strategy for securely storing and managing tokens, keys, and passwords to mitigate risks effectively. In this recent blog post, our guide outlines best practices and strategies for implementing secure secret storage solutions, ensuring your applications remain protected against malicious threats and API misuse.

Enhance Kubernetes Security: Best Practices for Securing Secrets

Protecting secrets within Kubernetes environments is critical to prevent potential data breaches, service disruptions, and financial losses. This latest blog highlights four essential methods for securing Kubernetes secrets, including leveraging external secret stores like Pangea Vault and implementing RBAC to restrict access. Discover comprehensive strategies to fortify your Kubernetes clusters against security threats, ensuring robust protection for sensitive information and maintaining operational integrity.

📅 Upcoming Events

BlackHat Security Conference -- August 3-8 Book 1:1 time with Pangea executives during BlackHat week and check out events we are hosting.

THAT Conference WI – July 29-August 1

Dev Advocate, Pranav Shikarpur, and PM, Keith Casey™️, will be presenting throughout the conference and giving custom demos at our booth. Don’t miss the fun!