Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Practical Microservice Security
- 1 Intro
- 2 Security fundamentals
- 3 Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Escalation of Privilege
- 4 OWASP (Open Web Application Security Project): find good, trusted, peer-reviewed sources
- 5 Consistent Planned Authentication
- 6 Storage, Quality, Length, Lifecycle: the keys to token success
- 7 validation required: every header, every field, every format, every method
- 8 Service decomposition
- 9 scaling and resource exhaustion
- 10 Orchestration layer attacks
- 11 features that scare me: 1) impersonation, 2) investigation mode, 3) demo accounts on production, 4) SSL interception and analysis, 5) many password sins
- 12 the golden rule: never assume a security vendor is better at secure development than you are
- 13 Identity and access
- 14 principle of least privilege: the lowest set of permissions and accesses required to do your job
- 15 Roles vs. Fine-Grained Permissions
- 16 Immutable architectures matter in microservice security
- 17 Auditable host configurations are a good thing, but you might not be the right person to audit them
- 18 Avoids configuration creep, including those changes made by an attacker
- 19 Choose the right tools for the job you are doing
- 20 not all technologies have mature libraries, frameworks, and documentation
- 21 Detection
- 22 Poorly managed logs are a simple way to create denial of service attacks