Application Security
- Last Updated: September 9, 2024
- 2 minute read
- OpenEdge
- Version 12.8
- Documentation
OpenEdge continually monitors for potential security vulnerabilities. The effort to scan, identify, assess, and mitigate potential security threats is ongoing. Information on how Progress manages reporting, management, discussion, and disclosure of vulnerabilities discovered in OpenEdge can be found in Progress OpenEdge Security Guidelines.
This section details the security features introduced in the OpenEdge 12.8 LTS release.
- Client Key Management
- Dynamic Data Masking (DDM)DDM enables administrators to ensure data privacy and protection, meet regulatory requirements, and safeguard sensitive information by leveraging API command line utilities to mask fields from unauthorized users.
- OESECTOOLApplication developers can use the OESECTOOL command line utility to test security configurations before configuring their production systems to connect to external authentication systems.
- SAML and OAuth2
- Centralize OpenEdge Domain Access Using the OpenEdge Authentication Gateway with SAML
- Centralize OpenEdge Domain Access Using the OpenEdge Authentication Gateway with OAuth2
- Encrypt Payloads with JWE
- OAuth2 Adds OIDC
- SAML Single Logout Support
- Spring security upgrade for SAML and OAuth2 enhancements
- Transparent Data Encryption (TDE)TDE provides data confidentiality through the ability of its encryption key generation and storage to resist attacks.
- Transport Layer Security (TLS)
- Miscellaneous