I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
Terminating encryption (SSL/TSL) at the load balancer is another security risk. If using a Kubernetes cluster, move the TLS termination into the cluster and then encrypt all traffic within the cluster.
People always laugh on me when I recommend this :(
But this kind of people just learn in the hard way, aka after they been breached and paid a huge fine, because if no money losses are involved they may continue with the same attitude... Sadly I have seen this happen.
Generally, there's a lot more chatter on an internal network than on public networks. TLS within a private network definitely provides greater security, but how do you contend with performance loss of encrypting and decrypting internal traffic?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
People always laugh on me when I recommend this :(
But this kind of people just learn in the hard way, aka after they been breached and paid a huge fine, because if no money losses are involved they may continue with the same attitude... Sadly I have seen this happen.
Generally, there's a lot more chatter on an internal network than on public networks. TLS within a private network definitely provides greater security, but how do you contend with performance loss of encrypting and decrypting internal traffic?