SESSION + Live Q&A
Insecure Transit - Microservice Security
Microservices are great, and they offer us lots of options for how we can build, scale and evolve our applications. On the face of it, they should also help us create much more secure applications - the ability to protect in depth is a key part of protecting systems, and microservices make this much easier. On the other hand, information that used to flow within single processes, now flows over our networks, giving us a real headache. How do we make sure our shiny new microservices architectures aren’t less secure than their monolithic predecessors?
In this talk, Sam Newman outlines some of the key challenges associated with microservice architectures with respect to security, and then looks at approaches to address these issues. From secret stores, time-limited credentials and better backups, to confused deputy problems, JWT tokens and service meshes, this talk looks at the state of the art for building secure microservice architectures.
Speaker
Sam Newman
Microservice, Cloud, CI/CD Expert
Sam is a technologist focusing in the areas of cloud, microservices, and continuous delivery - three topics which seem to overlap frequently. Providing consulting, training and advisory services to startups and large multi-national enterprises alike, he has over 20 years in IT as a developer, sys...
Read moreLocation
Fleming, 3rd flr.
Track
Microservices/ Serverless: Patterns and Practices
Topics
MicroservicesSecurityCloud SecurityInterview AvailableShare
From the same track
Microservices Panel
When thinking about a mciroservice architecture there is so much to consider! The topic is broad, and sometimes the expertise needed to understand parts of it are deep. This can make them a pretty daunting subject. Lucking, QCon is at hand! In the final slot of the microservices track, we'll...
Sam Newman
Microservice, Cloud, CI/CD Expert
Guy Podjarny
Co-founder @SnykSec, previously CTO @Akamai
Susanne Kaiser
Independent Tech Consultant
Idit Levine
Founder and CEO of solo.io & Creator of Squash
Mark Burgess
CFEngine Creator & Software Engineer Focused on Distributed Information Infrastructure
Microservices Lessons Learned From a Startup
When we started our - still ongoing - journey from monolith to microservices we had the idea of a straightforward transformation process in mind. But microservices are complex and the process is not straightforward at all - it's a path with failure and detours along the way. In this talk I would...
Susanne Kaiser
Independent Tech Consultant
Microservices & Scaling of Rational Interactions
MB will present a new twist on his reactive summit talk about the scaling of microservices in computer and human interaction. As we scale services by across inputs and outputs, at every stage, we are challenged to rethink our calibrations of true and false. This has important implications for...
Mark Burgess
CFEngine Creator & Software Engineer Focused on Distributed Information Infrastructure
Securing Serverless – By Breaking In
Serverless rocks the security boat. Ad-hoc servers we don’t manage rids us of certain security concerns, while the proliferation of cheap micro services raises others. In this talk, we’ll experience these security concerns live. We’ll break into a vulnerable Serverless application and...
Guy Podjarny
Co-founder @SnykSec, previously CTO @Akamai
Debugging Microservices Applications
The mainstreaming of containerization and microservices is raising a critical question by both developers and operators: how do we debug all this? Debugging microservices applications is a difficult task. The state of the application is spread across multiple microservices, and it is hard to get...
Idit Levine
Founder and CEO of solo.io & Creator of Squash