H1 Heading

H2 Heading

H3 Heading

H4 Heading

H5 Heading
H6 Heading

Paragraph Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

h-xxlarge

h-xlarge

h-large

h-large.black-2

h-medium

h-small

h-small

h-xsmall
h-xxsmall
h-xxsmall.black-2

p-large Paragraph Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

p-medium Paragraph Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

p-small Paragraph Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

p-xsmall Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Heading 2

Heading 1

Heading 4

Heading 3

Heading 5

Heading 6
Paragraph

What’s a Rich Text element?

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.

Static and dynamic content editing

A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

How to customize formatting for each rich text

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

see how   see how   see how   see how   see how   see howstart tracing   

Before we understand why API security is one of the most important aspects of modern application security we first need to define and understand modern application security. And before we can define and understand modern application security, we have to understand how modern applications are different from traditional applications. Well, that sounds like we need a blog series. And just like that, we have one.

In this first part, let’s call it Part I, we’ll compare traditional and modern application architectures. In part 2 we’ll dive into modern app security and outline the requirements needed to protect modern applications. And last but not least, in part 3 we finally get to API security.

Without further ado, let’s get into part 1.

The squad moves post-it notes around the kanban board

Traditional vs. modern applications

Let’s start with a quick refresher on the “Traditional” application architecture so we’re all on the same page. 

  1. There was hardware. Servers with operating systems and software running on them and networking gear and storage. This was all hosted in a private or co-located data center.
  2. There were a few web servers behind a load balancer. The web servers talked to the app servers which in turn talked to databases hopefully running on a different server.
  3. There were firewalls, DMZs, yada, yada, yada.
  4. Then there was the client. The client talked to port 80. It was a simpler time. And SSH.

You get the picture. Now, fast forward to today and we’ve got, what at present time is referred to as modern, cloud-native application architectures! Let’s take a look:

  1. Microservices, tons of them, running in a public cloud, probably in a Kubernetes cluster.
  2. Microservices are talking to each other, chatting with 3rd party services and getting data from at least two different datastores.
  3. There are firewalls.
  4. There are the clients. Browsers, native apps, javascript snippets, and other internal and 3rd party services. And SSH.

Yes, there are lots of differences

Check out this comparison list:

The Cloud: Modern applications live “in the cloud”. Cloud providers offer different levels of abstractions (IaaS, PaaS, SaaS) but long story short, these apps run in the cloud. 

Business Logic is Highly Distributed: Applications are decentralized with business logic spread across services.

Microservices: Large applications are broken down into smaller components or services.

Deployment Orchestration: Containers and Kubernetes (K8S) make it easier to connect and manage large numbers of microservices. 

Continuous Integration / Continuous Delivery (CI/CD): Software teams develop features using agile methodologies and continuously deliver new code to production.

DevOps: Developers and operations work together to manage and operate the application and development toolchain. 

Data Volumes: There’s no shortage of useful data these days and it comes in many shapes and sizes that require more databases than your standard RDBMS (sorry Oracle). 

Cloud / 3rd Party Services: Not all application functionality needs to be created in-house. Most apps integrate 3rd party services, using APIs, to beef up application functionality without reinventing the wheel. Or the storage bucket.

 

Clients have differences too!

Devices became more powerful: When I was a kid, iPhones only had 1 camera! What a time.

Client Varitetals: Today there are more types of clients - from traditional web browsers to native mobile apps to (purposely) exposing your own APIs to other developers.

Client Muscle: Modern frontend frameworks (Angular, React.js) allow developers to write complex logic that runs efficiently in the client. Clients now render visual components that used to render server-side.

More Calls, More Parameters: Clients maintain user state locally and trigger API calls when data or an action is needed. This is done at the component level vs the page, so the number of calls is higher and the number of parameters sent to the server is higher as well.

In part 2 of our series we cover the security requirements for modern applications. Check it out now, or download the full Modern Application Security Ebook.