You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: pages/use-cases/security/security-baseline.mdx
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -51,7 +51,7 @@ Find out more:
51
51
52
52
### Protection at the edge: secure applications with Edge Services WAF
53
53
54
-
Put a Load Balancer in front of your Instances, and benefit also from an Edge Services pipeline that provides additional services for your Load Balanced appliction. Edge Services offers an **inbuilt Web Application Firewall (WAF)**, to provide robust protection against common web-based threats such as SQL injection, cross-site scripting (XSS), and DDoS attacks.
54
+
Put a Load Balancer in front of your Instances, and benefit also from an Edge Services pipeline that provides additional services for your Load Balancer application. Edge Services offers an **inbuilt Web Application Firewall (WAF)**, to provide robust protection against common web-based threats such as SQL injection, cross-site scripting (XSS), and DDoS attacks.
55
55
56
56
By filtering malicious traffic at the edge, before it reaches your infrastructure, the WAF helps protect your backend resources by **blocking threats early and minimizing exposure to potential attacks**. Integrated directly with the Load Balancer, the WAF ensures high availability and low-latency inspection of HTTP/HTTPS traffic, enabling real-time threat mitigation without impacting performance. Scaleway Edge Services WAF uses the [OWASP Core Rule Set (CRS)](https://coreruleset.org/). This is an industry standard, open source ruleset for WAF, which protects against multiple categories of attack.
57
57
@@ -82,11 +82,11 @@ Effective access control ensures that only authorized users and systems can inte
82
82
83
83
### Least privilege by design: secure access with granular permissions
84
84
85
-
If you want to share access to your Scaleway Organization, then invite other users as Members. You can then **accord fine-grained permissions to each Member**, via IAM policies. Policies determine which permissions and access rights the Member has, e.g. to manage billing, create different types of resources, read-only certain types of resources, and more.
85
+
If you want to share access to your Scaleway Organization, invite other users as Members. You can then **accord fine-grained permissions to each Member**, via IAM policies. Policies determine which permissions and access rights the Member has, e.g. to manage billing, create different types of resources, read-only certain types of resources, and more.
86
86
87
87
You may also want to give access to your Organization and resources not to a specific human user, but to an application or service, e.g. when setting up a production environment. Do this by creating IAM applications. This feature lets you **give programmatic access to resources** by creating API keys that are not linked to a specific human, making your production code more robust.
88
88
89
-
We always recommend that you **give least-privilege permissions** via IAM, as best practice. This means giving users and applications to permissions they need to perform a task, and no extra permissions beyond that. The Organization Owner has powerful permissions over the whole Organization that go far beyond the permission scope required for most tasks. Even if you do not need to invite additional Members to your Organization, consider creating additional applications whose API keys have least-privilege-only permissions. You can then use these API keys in your applications without exposing the Organization Owner's API key with its full permissions.
89
+
We always recommend that you **give least-privilege permissions** via IAM, as best practice. This means only giving users and applications permissions they need to perform a task, and no extra permissions beyond that. The Organization Owner has powerful permissions over the whole Organization that go far beyond the permission scope required for most tasks. Even if you do not need to invite additional Members to your Organization, consider creating additional applications whose API keys have least-privilege-only permissions. You can then use these API keys in your applications without exposing the Organization Owner's API key with its full permissions.
90
90
91
91
Find out more:
92
92
@@ -122,7 +122,7 @@ Scaleway offers a number of products and features to help you monitor your resou
122
122
123
123
### Gain full visibility: monitor resources with Scaleway Cockpit
124
124
125
-
Scaleway Cockpit allows you to monitor your Scaleway infrastructure by giving you insights and contexts into its behavior. It stores metrics, logs, and traces for your Scaleway resources and provides a dedicated dashboarding system on Grafana to visualize this. In addition, Cockpit's alert manager lets you set up alerts which are sent to you when particular events or patterns materialize from your resources. This means you can **get on top of anomalies and potential security issues quickly** and efficiently, in real-time.
125
+
Scaleway Cockpit allows you to monitor your Scaleway infrastructure by giving you insights and context into its behavior. It stores metrics, logs, and traces for your Scaleway resources and provides a dedicated dashboarding system on Grafana to visualize this. In addition, Cockpit's alert manager lets you set up alerts which are sent to you when particular events or patterns materialize from your resources. This means you can **get on top of anomalies and potential security issues quickly** and efficiently, in real-time.
0 commit comments