Nice ... Some possible adds .. - Keep your java up to date (companion point to OS update) - Link to OWASP (whole talk to itself) - IP Filtering ... Consider a WAF - IP Filtering ... Where possible - Block all outbound connections - Maybe Lockout realm worth a quick mention? - IIRC: Clustering has assumptions on the security of the network
-Tim On Mon, Feb 11, 2019 at 2:53 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > All, > > New and improved! With a link to the outline! > > https://people.apache.org/~schultz/Apache%20RoadShow%20DC%202019/Locking > - -Down%20Apache%20Tomcat_outline.pdf > >
