I'm considering the use of ngrok for developing webhooks so developers can develop and debug webhook services locally on their machines that are called as part of an end 2 end journey that is largely in the cloud.
The InfoSec department at the company that I work have expressed concerns around creating externally accessible tunnels to the outside world to call services running on developer machines running on the LAN.
Is this something other organisation have experienced? If so is there a good resolution, such as any security that can be set up to avoid anybody other than your cloud service that calls the webhook to be able to make the call to the service running on the developers laptop?
Thanks in advance!
Phil
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…