Balasys PROXEDO API Security (PAS) Training

Training description

The training session introduces the most important skills to manage the Balasys PROXEDO API Security software package. The training session introduces installation and configuration of PAS through presentations and lab exercises. The session introduces the PAS server and it’s configuration. The session gives an overview of HTTP protocol and related technologies.

Goal of the training

The goal of the session is to train professionals who understand Balasys PROXEDO API Security and can configure and maintain them independently, can fine-tune or troubleshoot it.

Intended audience

For all end-user and partners or system engineers who would like to install, configure or maintain PAS infrastructure independently. At the end of the session participants can setup, fine-tune and troubleshoot PAS and can submit tickets to the PAS Support centers.


The training is a 2 day, classroom based, instructor-lead session, that includes the presentations and lab exercises. The session starts at 9:00 and finishes at 17:00 that includes the lunch. The session can be customized by the client’s need. After applying we will contact you to work out the details.

Detailed agenda

Module: Introduction and protocol overview

  • HTTP protocols: HTTP 0.9, HTTP 1.0, HTTP 1.1 and HTTP2
  • HTTP extensions: Webdav and PATCH
  • HTTP status codes
  • HTTP headers
  • HTTP methods
  • HTTPS: certificates and SNI
  • HTTP and authentication
  • Cookies
  • The non-transparent HTTP
  • Most important HTTP related date formats: XML, HTML and JSON
  • Schemas: JSON and XSD schema
  • API protocols: REST and SOAP

Module: Installation and basic settings

  • Installing PROXEDO API Security
  • Docker containers
  • Licensing PAS
  • The configuration file format: YAML

Module: Configuration

  • The transport director: Listener, Endpoint and Backend
  • How the connection is built with PAS
  • The MITM and TLS MITM
  • Deployment scenarios: transparent and non-transparent HA mode
  • The Security flow: content vectoring
  • Plugins in the security flow: compressor and decompressor, JSON, XML serializer, deserializer, matchers and filters
  • Configuration bricks
  • Starting PAS from the command line or as a daemon
  • Error policy
  • Extractors: obtain data from the payload
  • The insight director: how to store the extracted payload
  • Insight plugins: local, syslog and elastic
  • Enforcers: validating the payload
  • Enforcer plugins: JSON scheme validation, XML scheme validation
  • Understanding PAS log messages
  • Troubleshooting



Contact person


* I have read and accept the terms & conditions.