Session + Live Q&A
Securing Microservices: Preventing Vulnerability Traversal
One of the advantages of microservices architecture is that teams can develop, maintain, and deploy each microservice independently. With single-responsibility, services can be scaled separately as required and doing so with a DevOps mentality substantially improves agility.
How do we secure microservices and their deployments? Who owns what? Do we know what is in our microservices? Preventing vulnerability traversal is a must. Systems must be designed securely, and security as an afterthought does not scale. Platform engineers and SREs need to quickly identify owners and fix deployment vulnerabilities from inception to production. If log4j taught us anything, teams must have ownership, accountability and the power to make changes fast to keep their systems secure.
In this session, we’ll be looking at OWASP recommendations and Kubernetes best practices to find out more about how to secure your microservices and reduce vulnerability traversal.
Speaker
Stefania Chaplin
Solutions Architect @GitLab
Stefania’s experience as a Solutions Architect within Cybersecurity, DevSecOps and OSS governance means she's helped countless organisations understand and implement security throughout their SDLC. As a python developer at heart, Stefania enjoys optimising and improving operational...
Read moreDate
Tuesday May 17 / 12:20PM EDT (50 minutes)
Track
Effective Microservices: What It Takes to Get the Most Out of This Approach
Topics
MicroservicesArchitectureApplication SecuritySecurityDevopsAdd to Calendar
Add to calendarShare
From the same track
Airbnb at Scale
Tuesday May 17 / 01:30PM EDT
In 2018, Airbnb embarked on a high-stakes journey to transform our technology architecture from a monolithic Ruby app to a more scalable Service-Oriented Architecture (SOA). Three years on, we are in a good place to look back at what we have accomplished and reflect on where we are. In this talk,...
Selina Liu
Senior Software Engineer @Airbnb
Pump It Up! Actually Gaining Benefit From Cloud Native Microservices
Tuesday May 17 / 10:00AM EDT
Please note: there will be no live Q&A after this session.So many organisations have flocked to 'cloud native', running containerised microservices on the public or private cloud, only to find the promised benefits fail to materialise. And we’ve seen the same...
Sam Newman
Microservice, Cloud, CI/CD Expert
No Next Next: Fighting Entropy in Your Microservices Architecture
Tuesday May 17 / 11:10AM EDT
Great! You’ve created your microservices architecture and you are reaping the benefits of independently deployable units and teams being wholly responsible for services. But a few years on and things aren’t quite as simple, clean and independent as they were originally. Maintaining...
Anna Shipman
Technical Director for Customer Products @FinancialTimes