Overview
Explore the intersection of application security and microservices in this 53-minute conference talk from GOTO Copenhagen 2016. Delve into various security attacks, detection methods, and prevention tools while examining real-world examples like the Target and Home Depot breaches. Learn about transport security, HTTPS, Docker, perimeter security, and the challenges of polyglot microservices. Discover the importance of logging, patching, and conducting postmortems. Gain insights on how to protect your microservices architecture from security breaches and understand the root causes of system failures. Equip yourself with practical knowledge to enhance your application's security in a microservices environment.
Syllabus
Intro
Who are we
Security Attacks
Detection
Attack Trees
Attack Vectors
Transport Security
Lets Encrypt
HTTPS
Lemo
The confused deputy problem
Data at rest
Docker
Prevention tools
Patching
Detecting
Logging
Perimeter Security
Polyglot Microservices
Response Target
Home Depot Breach
Brian Krebs
Tylenol
Telstra
Systems being to blame
Root cause of failure
Recovery
Postmortems
Questions
Taught by
GOTO Conferences