Completed
OWASP Open Web Application Security Project find good trusted, peer reviewed sources
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Practical Microservice Security
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Security fundamentals
- 3 Spoofing Tampering Repudiation Information Disclosure Denial of Service Escalation of Privilege
- 4 OWASP Open Web Application Security Project find good trusted, peer reviewed sources
- 5 Consistent Planned Authentication
- 6 Storage, Quality, Length, Lifecycle the keys to token success
- 7 validation required:: every header every field every format every method
- 8 Service decomposition
- 9 scaling and resource exhaustion
- 10 Orchestration layer attacks
- 11 features that scare me 1 impersonation 2 investigation mode 3 demo accounts on production 4 SSL interception and analysis 5 many password sins
- 12 the golden rule never assume a security vendor is better at secure development than you are
- 13 Identity and access
- 14 principle of least privilege the lowest set of permissions and accesses required to do your job
- 15 Roles V.S. Fine Grain Permissions
- 16 Immutable architectures matter in microservice security
- 17 Auditable host configurations are a good thing but you might not be the right person to audit them
- 18 Avoids configuration creep including those changes made by an attacker
- 19 Choose the right tools for the job you are doing
- 20 not all technologies have mature libraries, frameworks and documentation
- 21 Detection
- 22 Poorly managed logs are a simple way to create denial of service attacks
