Could add oauth token validation at the load balancer and a few items about firewalls (perimeter, microsegmentation, waf)
Great list btw.
Two minds suggesting the same thing -- must be good ;-)
Could you distill your suggestion about firewalls into a simple focussed point?
I wouldn't lump WAFs in with standard firewalls.
Perimeter firewalls are your first line of defense against intrusion, and segment your network based on need to access other networks. Microsegmentation firewalls ensure the only intra-segment network traffic that is going on is approved traffic. Devs need to supply source/destination IP addresses and ports to allow traffic.
Web Application Firewalls (WAFs) perform an inspection of HTTP requests to halt attacks on web servers.
I'm trying to craft a point to address this simply.
Looks good to me! I saw you mentioned CloudFlare as a DDoS mitigator, they also provide a WAF service, which would be good in the HTTP traffic section.
Got it, thank you!
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.