Cougar

Securing Cougar

Cougar is a security-conscious framework; however, like anything, a little care needs to be taken to ensure it’s configured in the most secure manner. We’ll also cover the capabilities available to help you write your service implementations in a secure manner, and the gotchas to look out for.

TODO

* Restricting certificate algorithms/strength
* Self-signed certs
* Don’t expose your admin port to the internet
* Don’t expose the binary transport to someone you don’t trust
* XSS protections on the admin console plugins
* Security strength factors
* Encrypted configuration
* Property overriding
* XFF headers