Securing Modern API and Microservice Based Applications by Design
Offered By: LASCON via YouTube
Course Description
Overview
Explore a comprehensive overview of securing modern API and microservice-based applications in this 45-minute conference talk from LASCON 2019. Gain a high-level understanding of contemporary API and microservices architectures, learn about key security concerns, and discover best practices for securing microservices and their APIs. Benefit from the speaker's extensive experience in building security architecture patterns and solutions for a major global financial institution, and acquire actionable architectural insights. Delve into topics such as monolithic vs. microservice applications, service-oriented architecture, API gateways, security benefits, user-level security context, end-to-end trust, service-level mutual authentication, token exchange, authorization, rate limiting, and group policy.
Syllabus
Introduction
Presentation Overview
Agenda
What are Microservices
Monolithic Applications
Microservice Applications
ServiceOriented Architecture
Microservices
API
Web API
API Gateway
Security Benefits
NonSecurity Benefits
User Level Security Context
EndtoEnd Trust
Service Level Mutual Authentication
Token Exchange Endpoint
Token Exchange Architecture
User Level Internet Trust
Authorization
Authentication and Authorization
Invocation
Rate Limiting
Group Policy
Takeaway
Taught by
LASCON
Related Courses
Comparing WAF and RASP - Why?LASCON via YouTube API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube