Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing Microservice Architectures
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Laura Bell
September 03, 2015
Technology
370
2
Share
Securing Microservice Architectures
Presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 03, 2015
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
300
Hackcon 11 - Protecting our people
ladynerd
0
250
Security in a container based world
ladynerd
0
160
Better Connected
ladynerd
0
83
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
140
Practical tools for privacy audit
ladynerd
0
230
For the greater good? Open sourcing weaponisable code
ladynerd
1
350
Other Decks in Technology
See All in Technology
ポスター発表&デモと総括 / Poster Presentations & Demonstrations and Summary
ks91
PRO
0
150
脅威をエンジニアリングの糧にして:恐怖を乗り越えた先にあったもの / Turn threats into fuel for engineering: what lay beyond overcoming fear
nrslib
1
340
速さだけじゃない! VoidZero ツールが移行先に選ばれる理由
mizdra
PRO
5
590
APIテストとは?
nagix
0
130
Datadog 認定試験の概要と対策
uechishingo
0
150
Javaコミュニティをもっと楽しむための9箇条
takasyou
0
380
Spring AI × MCP 入門〜AIエージェントへのツール公開、境界設計から始める最小構成 〜
yuyamiyamoto
0
160
eBPF Can Do It! A 5-Minute Tour of 5 Real-World PHP Issues Solved with eBPF
egmc
0
320
Oracle Cloud Infrastructure:2026年5月度サービス・アップデート
oracle4engineer
PRO
1
220
AI時代から振り返るTerraform drift運用の歴史 / AI Age Reflections on the History of Terraform Drift Operations
aeonpeople
0
560
GitHub Copilot CLI の Rubber Duck 機能を使ってコーディングの品質をあげよう #techbaton_findy
stefafafan
2
1.2k
ルールやカスタム機能、どう使う?理想の出力を引き出すために今知りたいIBM Bob 5つの機能
muehara
0
110
Featured
See All Featured
The Illustrated Children's Guide to Kubernetes
chrisshort
51
52k
My Coaching Mixtape
mlcsv
0
130
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
aleyda
1
1.2k
Claude Code のすすめ
schroneko
67
220k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
techseoconnect
PRO
0
150
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
55k
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
250
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
1
1.2k
sira's awesome portfolio website redesign presentation
elsirapls
0
260
Game over? The fight for quality and originality in the time of robots
wayneb77
1
180
Designing Powerful Visuals for Engaging Learning
tmiket
1
380
Transcript
None
Securing Microservice Architectures Laura Bell (@lady_nerd) M239
None
Modern
caution: fast paced field ahead watch for out of date
content
In this talk Microservice Fundamentals Some important points that are
worth refreshing Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
None
None
None
apps that automatically scale up to handle millions of users
and scale down again to have this be done by smaller teams
many are 100 or so lines some are around 1,000
lines
Integrity Availability Confiden3ality
Spoofing Tampering Repudia1on Informa1on Disclosure Denial of Service Escala1on of
Privilege
None
Service decomposition
shouldn’t
None
exhaustion
Orchestration layer attacks
simple
rule them all?
Choose Restrict Monitor Configure Challenge Test
Identity and access management
the lowest set of permissions and accesses required to do
your job
require well defined roles
Automate and alert
mature groups and role assistance
Immutable architectures matter in microservice security
(but you might not be the right person to audit
them)
(including those changes made by an attacker)
become hard to persist
Heterogeneous language and technology spaces
None
you
technologies
vulnerability management can be challenging in microservice architectures
None
Testing
(doesn’t require a specialist third party)
OWASP Zap Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Gauntlt http://gauntlt.org/ BDD Security http://www.continuumsecurity.net/bdd-intro.html
software testing technique discover coding errors security loopholes massive amounts
of random data attempt to make it crash
None
Logging and monitoring
All
secure location immutable format away from production
denial of service attacks
like actually, for real, not just when you’re debugging
None
TL;DR Microservice Fundamentals Some important points that are worth refreshing
Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
Security in a Container-based World Friday 11:55am Find me later
at… § Hub Happy Hour Wed 5:30-6:30pm § Hub Happy Hour Thu 5:30-6:30pm § Closing drinks Fri 3:00-4:30pm 1 2 3 4 5 6
Subscribe to our fortnightly newsletter http://aka.ms/technetnz http://aka.ms/msdnnz http://aka.ms/ch9nz Free Online
Learning http://aka.ms/mva Sessions on Demand
None
© 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows and
other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
ladynerd
ks91
nrslib
mizdra
nagix
uechishingo
takasyou
yuyamiyamoto
egmc
oracle4engineer
aeonpeople
stefafafan
muehara
chrisshort
mlcsv
aleyda
schroneko
techseoconnect
aki_iinuma
cassininazir
hatefulcrawdad
elsirapls
wayneb77
tmiket
