Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing Microservice Architectures
Search
Laura Bell
September 03, 2015
Technology
2
360
Securing Microservice Architectures
Presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 03, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
280
Hackcon 11 - Protecting our people
ladynerd
0
250
Security in a container based world
ladynerd
0
160
Better Connected
ladynerd
0
77
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
140
Practical tools for privacy audit
ladynerd
0
220
For the greater good? Open sourcing weaponisable code
ladynerd
1
340
Other Decks in Technology
See All in Technology
AWS Systems Managerのハイブリッドアクティベーションを使用したガバメントクラウド環境の統合管理
toru_kubota
1
180
GitHub Copilot CLI で Azure Portal to Bicep
tsubakimoto_s
0
280
Blue/Green Deployment を用いた PostgreSQL のメジャーバージョンアップ
kkato1
0
160
Oracle AI Database@AWS:サービス概要のご紹介
oracle4engineer
PRO
3
2k
AI時代のオンプレ-クラウドキャリアチェンジ考
yuu0w0yuu
0
590
【社内勉強会】新年度からコーディングエージェントを使いこなす - 構造と制約で引き出すClaude Codeの実践知
nwiizo
28
14k
ブラックボックス化したMLシステムのVertex AI移行 / mlops_community_62
visional_engineering_and_design
1
220
スケーリングを封じられたEC2を救いたい
senseofunity129
0
120
QA組織のAI戦略とAIテスト設計システムAITASの実践
sansantech
PRO
1
250
【Oracle Cloud ウェビナー】データ主権はクラウドで守れるのか?NTTデータ様のOracle Alloyで実現するソブリン対応クラウドの最適解
oracle4engineer
PRO
3
120
私がよく使うMCPサーバー3選と社内で安全に活用する方法
kintotechdev
0
140
CloudFrontのHost Header転送設定でパケットの中身はどう変わるのか?
nagisa53
1
220
Featured
See All Featured
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
82
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.4k
Mind Mapping
helmedeiros
PRO
1
130
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
10k
Balancing Empowerment & Direction
lara
5
1k
Designing for Timeless Needs
cassininazir
0
180
GraphQLの誤解/rethinking-graphql
sonatard
75
12k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
10
1.1k
Thoughts on Productivity
jonyablonski
75
5.1k
Visual Storytelling: How to be a Superhuman Communicator
reverentgeek
2
480
Writing Fast Ruby
sferik
630
63k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
11
870
Transcript
None
Securing Microservice Architectures Laura Bell (@lady_nerd) M239
None
Modern
caution: fast paced field ahead watch for out of date
content
In this talk Microservice Fundamentals Some important points that are
worth refreshing Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
None
None
None
apps that automatically scale up to handle millions of users
and scale down again to have this be done by smaller teams
many are 100 or so lines some are around 1,000
lines
Integrity Availability Confiden3ality
Spoofing Tampering Repudia1on Informa1on Disclosure Denial of Service Escala1on of
Privilege
None
Service decomposition
shouldn’t
None
exhaustion
Orchestration layer attacks
simple
rule them all?
Choose Restrict Monitor Configure Challenge Test
Identity and access management
the lowest set of permissions and accesses required to do
your job
require well defined roles
Automate and alert
mature groups and role assistance
Immutable architectures matter in microservice security
(but you might not be the right person to audit
them)
(including those changes made by an attacker)
become hard to persist
Heterogeneous language and technology spaces
None
you
technologies
vulnerability management can be challenging in microservice architectures
None
Testing
(doesn’t require a specialist third party)
OWASP Zap Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Gauntlt http://gauntlt.org/ BDD Security http://www.continuumsecurity.net/bdd-intro.html
software testing technique discover coding errors security loopholes massive amounts
of random data attempt to make it crash
None
Logging and monitoring
All
secure location immutable format away from production
denial of service attacks
like actually, for real, not just when you’re debugging
None
TL;DR Microservice Fundamentals Some important points that are worth refreshing
Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
Security in a Container-based World Friday 11:55am Find me later
at… § Hub Happy Hour Wed 5:30-6:30pm § Hub Happy Hour Thu 5:30-6:30pm § Closing drinks Fri 3:00-4:30pm 1 2 3 4 5 6
Subscribe to our fortnightly newsletter http://aka.ms/technetnz http://aka.ms/msdnnz http://aka.ms/ch9nz Free Online
Learning http://aka.ms/mva Sessions on Demand
None
© 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows and
other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
ladynerd
toru_kubota
tsubakimoto_s
kkato1
oracle4engineer
yuu0w0yuu
nwiizo
visional_engineering_and_design
senseofunity129
sansantech
kintotechdev
nagisa53
akademiya2063
sergeychernyshev
helmedeiros
eileencodes
lara
cassininazir
sonatard
addyosmani
jonyablonski
reverentgeek
sferik
tammyeverts
