Do developers who are not security experts want to spend their valuable time developing security features? But should they, given the considerable room for error?
Pangea helps remove this margin for error. Pangea is a comprehensive set of API-based security services that can quickly and easily be added to any cloud application, embedded as functions directly into the application source code. Pangea emerged from the idea that key security features should not be repeatedly reinvented by companies every time they build new products.
Instead, with Pangea, application developers can access a wide selection of out-of-the-box security services to embed security easily in all of their applications. Comparable to AWS for compute APIs, Twilio for communications APIs, and Stripe for billing APIs, Pangea has created a single platform for security — Security Platform-as-a-Service (SPaaS).
Keeping Security Simple with Pangea Integrations
As we like to say, Pangea makes it “dead simple to integrate security with just a few lines of code”. With a clear developer focus, Pangea simplifies the varied aspects of security that are required for virtually every application.
Without Pangea’s SPaaS for developer-first security services, the security puzzle is made up of scattered commercial and open-source pieces. Usually, these pieces are not even API-first, which makes integrations difficult. Pangea specializes in bringing these pieces together in an API-first form, with consistent documentation and guaranteed services compatibility — making it easy for developers to embed security in their applications.
Pangea Integrations for Marketplace
Three Pangea Integrations have been released for the Auth0 Marketplace — Pangea - Domain Check, Pangea - Embargo Check, and the Pangea - Validate Registration. The Pangea - Validate Registration integration uses Pangea security APIs to validate new user registrations. This includes embargo checks using Pangea’s Embargo Check and domain score checks using Pangea’s domain intel service, which contains intelligence on over 390 million domain addresses. The results are all logged to the Pangea secure audit log service.
Configuration can then be done on the Pangea console to view and manage audit logs (redaction and retention), manage embargo lists, and select providers for domain scoring — with no additional code changes.
How the Pangea Integration Works
To use the Pangea Marketplace integration, you will need an Auth0 account and tenant as well as a Pangea account.
Pangea setup requires some light integration configuration before adding the Auth0 Action. Note that once the Action is successfully deployed, all new user registrations for a tenant will be processed by this integration. Before activating the integration in production, install and verify the Action on a test tenant.
Once the Action is added, new user registrations will be defended by Pangea APIs. Each new user registration will be checked against Pangea Embargo and Pangea Domain Intel. The user will either be accepted or rejected, and the results will be written to Pangea Secure Audit Log.
Shifting “Left-of-Left”: Pangea Benefits
Implementing Pangea provides a number of benefits, including:
- Prioritizing security from the get-go of app development, i.e., shifting responsibility “left-of-left”. Pangea's library of APIs security and compliance requirements are addressed from the beginning, giving developers the ability to drop security into their app runtime code prior to publishing. This can reduce developer cognitive load while covering security from the outset.
- Leveraging security intel from leading providers, such as Crowdstrike, DomainTools, and ReversingLabs, among others, in Pangea APIs.
- Securing registration decisions with cryptographically secure audit logs. Pangea audit logs provide built-in redaction and can be used to help meet compliance and regulatory requirements under GDPR, SOC2, HIPAA, and more.
Simplify Application Security with Pangea
It’s never been easier for developers to add security to their applications right out of the box. Check out the Pangea - Validate Registration integration in the Marketplace to get started.
About the author
Michael Weinberger
Senior Manager - Partner Integrations Pangea