AppSentinels


Deployment - Kubernetes Side-Car

Kubernetes Sidecar
  1.  AppSentinels comes with Envoy-based sidecars. Follow the installation instructions to deploy these sidecars in the target Kubernetes application namespace.

  2.  Additionally, deploy the AppSentinels Edge Controller and ensure it is reachable from the sidecars. It can run as a pod in the same Kubernetes cluster, or as a Docker container or VM outside the cluster.
     
  3.  AppSentinels sidecars intercept incoming HTTP/HTTPS traffic for the microservice and forward the logs to the Edge Controller.

  4.  For HTTP, AppSentinels sidecars can function in out-of-band (OOB) mode (i.e., processing a copy of each packet), thereby avoiding any impact on applications in case of an outage.

  5.  AppSentinels sidecars have an optional maximum-latency configuration. If latency crosses a certain threshold, AppSentinels automatically switches to fail-open mode, ensuring that latency for application traffic is maintained.

  6.  AppSentinels can take session-based actions, such as blocking a malicious request, directly from the sidecar. It can also take action against bad IPs or users.
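
The latency-triggered fail-open behaviour in item 5 can be sketched as follows. This is an added example, not AppSentinels code or configuration: the class, the `max_latency_s` and `cooldown_s` parameters, the cooldown approach and the sample requests are all assumptions constructed for illustration.

```python
import time
from typing import Callable, List, Optional, Tuple

class FailOpenGuard:
    """Inline inspection wrapper that bypasses inspection while over its latency budget."""

    def __init__(self, inspect: Callable[[dict], bool], max_latency_s: float,
                 cooldown_s: float, clock: Callable[[], float] = time.monotonic):
        self.inspect = inspect              # returns True to allow, False to block
        self.max_latency_s = max_latency_s  # hypothetical latency budget
        self.cooldown_s = cooldown_s        # hypothetical bypass duration
        self.clock = clock
        self.open_until: Optional[float] = None
        self.events: List[Tuple[float, str]] = []  # state changes, for alerting

    def handle(self, request: dict) -> str:
        now = self.clock()
        if self.open_until is not None:
            if now < self.open_until:
                return "allow-uninspected"  # fail-open: no verdict is produced
            self.open_until = None
            self.events.append((now, "inspection-resumed"))
        allowed = self.inspect(request)
        done = self.clock()
        if done - now > self.max_latency_s:
            # Inspection ran over budget: skip it for the next cooldown_s seconds.
            self.open_until = done + self.cooldown_s
            self.events.append((done, "fail-open"))
        return "allow" if allowed else "block"

def demo() -> Tuple[List[str], List[str]]:
    """Replay constructed requests against a simulated clock and inspector."""
    t = [0.0]
    def inspector(req: dict) -> bool:
        t[0] += req["cost"]  # simulated inspection time in seconds
        return not req["bad"]
    guard = FailOpenGuard(inspector, max_latency_s=0.05, cooldown_s=10.0,
                          clock=lambda: t[0])
    verdicts = [guard.handle({"cost": 0.01, "bad": True}),   # inspected, blocked
                guard.handle({"cost": 0.20, "bad": False}),  # slow: trips fail-open
                guard.handle({"cost": 0.01, "bad": True})]   # passes uninspected
    t[0] += 11.0                                             # cooldown elapses
    verdicts.append(guard.handle({"cost": 0.01, "bad": True}))
    return verdicts, [name for _, name in guard.events]

if __name__ == "__main__":
    print(demo())
```

The `events` list is what a monitoring pipeline would alert on, since blocking is suspended between a `fail-open` entry and the next `inspection-resumed` entry.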