Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing Microservice Architectures
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Laura Bell
September 03, 2015
Technology
370
2
Share
Securing Microservice Architectures
Presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 03, 2015
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
290
Hackcon 11 - Protecting our people
ladynerd
0
250
Security in a container based world
ladynerd
0
160
Better Connected
ladynerd
0
82
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
140
Practical tools for privacy audit
ladynerd
0
220
For the greater good? Open sourcing weaponisable code
ladynerd
1
350
Other Decks in Technology
See All in Technology
変化の激しい時代をゴキゲンに生き抜くために 〜ストレスマネジメントのススメ〜
kakehashi
PRO
5
1.3k
試作とデモンストレーション / Prototyping and Demonstrations
ks91
PRO
0
200
みんなの考えた最強のデータ基盤アーキテクチャ'26前期〜前夜祭〜ルーキーズ_資料_遠藤な
endonanana
0
330
Oracle AI Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
6
1.4k
20260507-ACL-seminar
satoshi5884
0
110
ServiceによるKubernetes通信制御ーClusterIPを例に
miku01
1
160
How to learn AWS Well-Architected with AWS BuilderCards: Security Edition
coosuke
PRO
0
130
2026年春のAgentCoreアプデ 細かいやつ全部まとめ
minorun365
4
230
Vision Banana: Image Generators are Generalist Vision Learners
kzykmyzw
0
370
「背中を見て育て」からの卒業 〜専門技術としてのテスト設計を軸に、品質保証のバトンを繋ぐ〜 #genda_tech_talk
nihonbuson
PRO
3
1.3k
ワールドカフェ再び、そしてゴール・ルール・ロール・ツール / World Café Revisited, and the Goals-Rules-Roles-Tools
ks91
PRO
0
150
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
15
100k
Featured
See All Featured
Groundhog Day: Seeking Process in Gaming for Health
codingconduct
0
170
Build your cross-platform service in a week with App Engine
jlugia
234
18k
Designing for Timeless Needs
cassininazir
0
220
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
390
Abbi's Birthday
coloredviolet
2
7.5k
The Director’s Chair: Orchestrating AI for Truly Effective Learning
tmiket
1
160
30 Presentation Tips
portentint
PRO
1
290
Side Projects
sachag
455
43k
Building AI with AI
inesmontani
PRO
1
980
The Pragmatic Product Professional
lauravandoore
37
7.3k
The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)
kimpetersen
PRO
0
320
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
3
130
Transcript
None
Securing Microservice Architectures Laura Bell (@lady_nerd) M239
None
Modern
caution: fast paced field ahead watch for out of date
content
In this talk Microservice Fundamentals Some important points that are
worth refreshing Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
None
None
None
apps that automatically scale up to handle millions of users
and scale down again to have this be done by smaller teams
many are 100 or so lines some are around 1,000
lines
Integrity Availability Confiden3ality
Spoofing Tampering Repudia1on Informa1on Disclosure Denial of Service Escala1on of
Privilege
None
Service decomposition
shouldn’t
None
exhaustion
Orchestration layer attacks
simple
rule them all?
Choose Restrict Monitor Configure Challenge Test
Identity and access management
the lowest set of permissions and accesses required to do
your job
require well defined roles
Automate and alert
mature groups and role assistance
Immutable architectures matter in microservice security
(but you might not be the right person to audit
them)
(including those changes made by an attacker)
become hard to persist
Heterogeneous language and technology spaces
None
you
technologies
vulnerability management can be challenging in microservice architectures
None
Testing
(doesn’t require a specialist third party)
OWASP Zap Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Gauntlt http://gauntlt.org/ BDD Security http://www.continuumsecurity.net/bdd-intro.html
software testing technique discover coding errors security loopholes massive amounts
of random data attempt to make it crash
None
Logging and monitoring
All
secure location immutable format away from production
denial of service attacks
like actually, for real, not just when you’re debugging
None
TL;DR Microservice Fundamentals Some important points that are worth refreshing
Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
Security in a Container-based World Friday 11:55am Find me later
at… § Hub Happy Hour Wed 5:30-6:30pm § Hub Happy Hour Thu 5:30-6:30pm § Closing drinks Fri 3:00-4:30pm 1 2 3 4 5 6
Subscribe to our fortnightly newsletter http://aka.ms/technetnz http://aka.ms/msdnnz http://aka.ms/ch9nz Free Online
Learning http://aka.ms/mva Sessions on Demand
None
© 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows and
other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
SiteGround - Reliable hosting with speed, security, and support you can count on.
ladynerd
kakehashi
ks91
endonanana
oracle4engineer
satoshi5884
miku01
coosuke
minorun365
kzykmyzw
nihonbuson
codingconduct
jlugia
cassininazir
reverentgeek
coloredviolet
tmiket
portentint
sachag
inesmontani
lauravandoore
kimpetersen
davidcarrasco
