Overview
Syllabus
Intro
Data Breaches
Software Development
Microservice Security
Microservice Architecture
Surface Area of Attack
Assessing Risks
Password Manager
Advanced Persistent Threat
Three pieces of advice
Shortlived credentials
Qi tools
Credentials
Secret Stores
Vault
Console Template
Security Breaches
Patch Your Stuff
Equifax Data Breach
Vulnerabilities
Equifax
Systems building on systems
Normal running infrastructure
Solutions
Container Scanning
Threat Modelling
Network Communication
Key Concerns
HTTP and TLS
HTTP TLS
Mutual TLS
Other protocols
Authentication
Authorization
Confused Deputy Problem
Making Decisions Upstream
What We Want
JWT Token
Service Mesh
Summary
Taught by
GOTO Conferences