Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Securing Microservice Architectures
Search
Laura Bell
September 03, 2015
Technology
2
360
Securing Microservice Architectures
Presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 03, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
280
Hackcon 11 - Protecting our people
ladynerd
0
240
Security in a container based world
ladynerd
0
160
Better Connected
ladynerd
0
74
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
130
Practical tools for privacy audit
ladynerd
0
210
For the greater good? Open sourcing weaponisable code
ladynerd
1
340
Other Decks in Technology
See All in Technology
LINEアプリ開発のための Claude Code活用基盤の構築
lycorptech_jp
PRO
1
1.1k
Data Hubグループ 紹介資料
sansan33
PRO
0
2.8k
ヘルシーSRE
tk3fftk
2
190
What's new in Go 1.26?
ciarana
2
260
大規模な組織におけるAI Agent活用の促進と課題
lycorptech_jp
PRO
5
6.8k
WBCの解説は生成AIにやらせよう - 生成AIで野球解説者AI Agentを実現する / Baseball Commentator AI Agent for Gemini
shinyorke
PRO
0
300
2026年のAIエージェント構築はどうなる?
minorun365
12
2.9k
バクラクにおける Document Understanding の挑戦:書類の「読取」から「意思決定」へ / document-understanding-in-bakuraku-2026
yuya4
0
170
AI Agentにおける評価指標とAgent GPA
tsho
1
240
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
3k
論文検索を日本語でできるアプリを作ってみた
sailen2
0
140
クラウド時代における一時権限取得
krrrr38
1
140
Featured
See All Featured
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
210
The Spectacular Lies of Maps
axbom
PRO
1
570
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
63
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
Build your cross-platform service in a week with App Engine
jlugia
234
18k
Testing 201, or: Great Expectations
jmmastey
46
8.1k
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
akashhashmi
0
280
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
Why Mistakes Are the Best Teachers: Turning Failure into a Pathway for Growth
auna
0
71
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
140
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.2k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.6k
Transcript
None
Securing Microservice Architectures Laura Bell (@lady_nerd) M239
None
Modern
caution: fast paced field ahead watch for out of date
content
In this talk Microservice Fundamentals Some important points that are
worth refreshing Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
None
None
None
apps that automatically scale up to handle millions of users
and scale down again to have this be done by smaller teams
many are 100 or so lines some are around 1,000
lines
Integrity Availability Confiden3ality
Spoofing Tampering Repudia1on Informa1on Disclosure Denial of Service Escala1on of
Privilege
None
Service decomposition
shouldn’t
None
exhaustion
Orchestration layer attacks
simple
rule them all?
Choose Restrict Monitor Configure Challenge Test
Identity and access management
the lowest set of permissions and accesses required to do
your job
require well defined roles
Automate and alert
mature groups and role assistance
Immutable architectures matter in microservice security
(but you might not be the right person to audit
them)
(including those changes made by an attacker)
become hard to persist
Heterogeneous language and technology spaces
None
you
technologies
vulnerability management can be challenging in microservice architectures
None
Testing
(doesn’t require a specialist third party)
OWASP Zap Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Gauntlt http://gauntlt.org/ BDD Security http://www.continuumsecurity.net/bdd-intro.html
software testing technique discover coding errors security loopholes massive amounts
of random data attempt to make it crash
None
Logging and monitoring
All
secure location immutable format away from production
denial of service attacks
like actually, for real, not just when you’re debugging
None
TL;DR Microservice Fundamentals Some important points that are worth refreshing
Prevention Avoid common vulnerabilities and avoid mistakes Detection Prepare for survival and response
Security in a Container-based World Friday 11:55am Find me later
at… § Hub Happy Hour Wed 5:30-6:30pm § Hub Happy Hour Thu 5:30-6:30pm § Closing drinks Fri 3:00-4:30pm 1 2 3 4 5 6
Subscribe to our fortnightly newsletter http://aka.ms/technetnz http://aka.ms/msdnnz http://aka.ms/ch9nz Free Online
Learning http://aka.ms/mva Sessions on Demand
None
© 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows and
other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
ladynerd
lycorptech_jp
sansan33
tk3fftk
ciarana
shinyorke
minorun365
yuya4
tsho
sailen2
krrrr38
apolaine
axbom
akademiya2063
addyosmani
jlugia
jmmastey
akashhashmi
chriscoyier
auna
mkilby
ivargrimstad
jcasabona
