Security for Microservices
Facebook Twitter LinkedIn

Security for Microservices

Combined Session
Thursday, May 16, 2019 17:00—18:00
Location: ALPSEE

Securing Microservices: Not as Easy as You Might Have Expected

Microservice architectures allow businesses to develop and deploy their applications in a much more flexible, scalable and convenient way – across multiple languages, frameworks and IT environments. However, new architectures require new tools and technologies, and those bring in new security challenges – and new skills to learn to fight off cyber-attacks efficiently.

Like with any other new technology which developers, operations and security teams are only beginning to explore in the recent years, there is still quite a lot of confusion about the capabilities of new platforms, misconceptions about new attack vectors and renewed discussions about balancing security with the pace of innovation expected from developers. And perhaps the biggest myth of microservice security is that it somehow takes care of itself.

In this session, we’ll look at the core technologies powering modern microservice architectures (containers, APIs, serverless backends, service meshes, etc.) and evaluate both their existing security capabilities and potential gaps to gain a strategic view of all the potential security and compliance challenges you should be thinking about before embracing microservices.

Securing Microservices: Not as Easy as You Might Have Expected
Presentation deck
Securing Microservices: Not as Easy as You Might Have Expected
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Alexei Balaganski
Alexei Balaganski
KuppingerCole
Alexei is an analyst with specific focus on cybersecurity and Artificial Intelligence. At KuppingerCole, he covers a broad range of security-related topics: from database, application and API...

Securing APIs and Microservices with OAuth and OpenID Connect

Microservices present a new way of scaling API deployments, where each component is an island, performing a small but well defined task. These systems are quicker to develop and allow for a more agile way of working. As in most designs, security is not part of the original blueprint, which can lead to expensive and hard to manage security solutions. In this talk, Travis Spencer will illustrate how OAuth and OpenID Connect can be leveraged to create a unified distributed framework for Microservices. He will show how this can be used to deliver Microservices’ promise of agility and scalability while also ensuring security.

Securing APIs and Microservices with OAuth and OpenID Connect
Presentation deck
Securing APIs and Microservices with OAuth and OpenID Connect
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.

API Security in a Microservices World

A microservice architecture brings new challenges to API Security and careful design needs to be applied at operations and development level to ensure corporate data is properly protected from unwanted access.

In this session we explain what API security encompasses,  why API security needs to be considered as early as possible in the lifecycle of the microservices, how known standards such as OAuth and OpenID Connect can be leveraged to authenticate and authorize access to microservices and give practical examples and recommendations for the design and deployment of microservice architectures.

Philippe Leothaud
Philippe Leothaud
42Crunch
Over 20 years of experience in Identity Management, application security and integration. Specializingnow in securing API infrastructures, using existing tools and standards (OpenAPI, OAuth,...
Subscribe for updates
Please provide your email address