DARCC - The 5 Layers of Modern App Security

Explore the five key layers of modern application security - DARCC (Dependency, Access-Control, Runtime, Configuration, Container) - in this 31-minute conference talk from DevSecCon. Learn how to secure your software supply chain, enforce application policies, ensure expected code behavior, deploy correctly, and maintain the right environment for your app. Discover how best practices like GitOps, event-driven architecture, microservices, policy as code, and modular interfaces come together to create a unified approach to application security. Presented by Or Weis, Co-Founder at Permit.io, this talk covers challenges, best practices, decoupling, access control, configuration, container security, and application security, concluding with a discussion on API security, managing dependencies, and risk quantification.