YoVDO

gRPC Security with Less Effort - NSEC2023

Offered By: NorthSec via YouTube

Tags

gRPC Courses Kubernetes Courses Microservices Courses Authorization Courses HTTP/2 Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore gRPC security challenges and solutions in this 31-minute conference talk from NorthSec. Delve into the expanded attack surface of gRPC/gRPC-web compared to traditional HTTP1.1 REST, focusing on applicative service misconfigurations. Examine new attack vectors arising from issues like HTTP2 downgrade and disabled reflection. Discover a comprehensive code configuration for securing generic gRPC services, featuring an automatically generated Kubernetes authentication service with an interceptor to an authorization engine. Learn how to simplify complex access delegation using open-source Ory engines. Gain insights into critical applicative issues related to currency, math, and conversions that demand attention in gRPC implementations.

Syllabus

NSEC2023 - gRPC security with less effort


Taught by

NorthSec

Related Courses

Introduction to Cloud Infrastructure Technologies
Linux Foundation via edX Scalable Microservices with Kubernetes
Google via Udacity Google Cloud Fundamentals: Core Infrastructure
Google via Coursera Introduction to Kubernetes
Linux Foundation via edX Fundamentals of Containers, Kubernetes, and Red Hat OpenShift
Red Hat via edX