Recent Posts by Muhammad Abdel-Halim

Introduction This blog picks up from where we left here. In that blog we had discussed about an end-to-end usecase involving API Gateway, WAF and OCI Functions. We had showcased how we can implement security using a combination of WAF and API Gateway, with WAF handling the edge security usecases such as SQL injection protection, and the API Gateway handling authentication. In the API Gateway setup we had used a custom function that remotely introspected the JWT token in the...

Introduction I'm going to start this blog by making 3 bold claims: The future is Serverless! API gateways are the best way to manage and expose Serverless endpoints to the internet! Anything facing the internet should be behind a WAF! Let's do a quick review on Oracle Cloud Infrastructure's offerings that address these claims. Serverless: Oracle offers Oracle Functions which is based on the open-source Fn Project: is an open source, container native, serverless platform that can be...

Introduction In this blog I want to discuss about an interesting usecase that showcases how IDCS Appgate can be used to enable SSO security for legacy applications when migrating to the cloud. Many customers who are looking to migrate their workloads into the cloud find that they have legacy systems in their portfolio that are not necessarily amenable to modernisation. An example of one of these legacy systems is Oracle Discoverer. Oracle BI Discoverer is a business...

Oracle recently introduced a Web Application Firewall (WAF) service to further enhance and secure its Oracle Cloud Infrastructure offerings. The Oracle Cloud Infrastructure WAF is based on Oracle Zenedge and Oracle Dyn technologies. It inspects all traffic destined to your web application origin and identifies and blocks all malicious traffic. WAF offers the following tools, which can be used on any website, regardless of where it is being hosted: Origin management. Bot...