Overview
Explore modern access control solutions for cloud applications in this comprehensive recorded talk from SnykLIVE. Dive into the challenges of implementing access control in complex microservices architectures and discover innovative approaches using policy as code. Learn about five best practices and open-source tools like OPA, OPAL, and Zanzibar to tackle these challenges effectively. Gain insights on security and compliance examples, new perspectives on permissions, the IAM waterfall, and the role of open-source software in access control. Understand JWT pronunciation and storage in web applications, explore different policy engines, and witness a practical demo. This 75-minute session, led by Or Weis, offers valuable knowledge for developers and security professionals looking to enhance their access control strategies in cloud environments.
Syllabus
- Stream Start
- Intros
- Building Modern Access Control - Start
- What are some examples of Security & Compliance
- New Way of Thinking About Permissions
- The IAM Waterfall
- Is Relying on Open Source Software a Recipe for Disaster?
- How Do You Pronounce JWT?
- Where Do You Store JWTs in Web Applications?
- 5 Best Practices
- Engines and Camps
- Open Policy Agent OPA
- OPAL
- Demo
- Stream End
Taught by
Snyk