SlideShare ist ein Scribd-Unternehmen logo

Securing MicroServices - ConFoo 2017

Majid Fatemian
Majid Fatemian

Here are the slides for the talk, "Securing MicroService".

Software
1 von 67
Downloaden Sie, um offline zu lesen
SECURINGMICRO-SERVICES
Majid Fatemian R E D V E N T U R E S @majidfn
TECHNOLOGY-DRIVEN CUSTOMER ACQUISITION SALES & MARKETING
TRACKING ANALYTICS BILLING ORDERING CHAT FINE-GRAINED TECHNOLOGY / PROTOCOL AGNOSTIC ELASTIC, RESILIENT
TRACKING GEO ROUTING DATA
 SCIENCE RULES
 ENGINE INTERACTIVE
 VOICE
 RESPONSE ORDER BILLING SERVICE
 ABILITY CHAT COMPLIANCE ANALYTICS PHONE 
 NUMBER
 ASSIGNMENT
01011 REDVENTURES ✔ ✔ ✘✔ ✘ ✘
VS. AUTHORIZATION AUTHENTICATION
AUTHORIZATION VERIFYING THE IDENTITY OF A USER / PROCESS PERMITTING ACCESS / ACTION TO RESOURCES AUTHENTICATION
AUTHENTICATION
REUSE VS. BUILD
AUTHENTICATION 1 ACTIVE DIRECTORY
ACTIVE DIRECTORY Application
Application External Internal
AUTHENTICATION OKTA 1 2 ACTIVE DIRECTORY
ACTIVE DIRECTORY SAM L Application External Internal
SAML - SECURITY ASSERTION MARKUP LANGUAGE SERVICE PROVIDER USER IDENTITY PROVIDER Request resource Redirects to SSO Identify User SAML Respond with requested Resource SAML
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx41d8ef22- e612-8c50-9960-1b16f15741b3" Version="2.0" ProviderName="SP test" IssueInstant="2014-07-16T23:52:45Z" Destination="http://idp.example.com/ SSOService.php" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://sp.example.com/demo1/ index.php?acs"> <saml:Issuer>http://sp.example.com/demo1/metadata.php</saml:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#pfx41d8ef22-e612-8c50-9960-1b16f15741b3"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>yJN6cXUwQxTmMEsPesBP2NkqYFI=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>g5eM9yPnKsmmE/Kh2qS7nfK8HoF…3socPqAi2Qf97E=</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIICajCCAdOgAwIBAgIBADANBgkqhkiG9w0BAQQ…….BpspRYT+kAGiFomHop1nErV6Q==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" AllowCreate="true"/> <samlp:RequestedAuthnContext Comparison="exact"> <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef> </samlp:RequestedAuthnContext> </samlp:AuthnRequest>
ACTIVE DIRECTORY SAM L SERVICE
 1 SERVICE
 2 SERVICE
 3 SAML
AUTHENTICATION OKTA 1 2 3 JWT (JSON WEB TOKEN) ACTIVE DIRECTORY
ACTIVE DIRECTORY SAM L + JWT JWT SERVICE
 1 SERVICE
 2 SERVICE
 3
JWT
 Identity
 Provider SERVICE PublicPrivate + JWT
JWT eyJXAiiJKV1Qi.eyJ1c2VySWQi4ZjItOGZhYi1jZWYzOTAjYwYQ.-xHVTCMdoHrcZxH Header Payload Signature
JWT - PAYLOAD { "email": "mfatemian@redventures.com",
 "userName": "mfatemian",
 "firstName": "Majid",
 "lastName": "Fatemian",
 "employeeID": "11520",
 "jti": "7bc4561ab-b6c8e2-76b1-31a3-a9bb90fb67c",
 "iat": 1487910598,
 "exp": 1487953798
 }
AUTHORIZATION
Read
AUTHORIZATION CAN USER READ FROM ATT&T IN ANALYTICS? CAN USER READ FROM VERIZON IN ANALYTICS? ✔ ✘
THE PROBLEM AD GROUPS CUSTOM AD GROUPS CUSTOM
▸Scattered ▸Inconsistent ▸No Monitoring ▸No Centralized control
DESIRED SOLUTION ▸ Centralized ▸ Simple ▸ Scalable ▸ Monitoring ▸ Easily Manageable
EXISTING AUTHZ SOLUTIONS SERVICE
 1 SERVICE
 2 SERVICE
 3 SERVICE
 4 SERVICE
 5 SERVICE
 6 AUTHORIZATION
+ JWT SERVICE
 1 SERVICE
 2 SERVICE
 3 SERVICE
 4 SERVICE
 5 SERVICE
 6 AUTHORIZATION 1 ROUND TRIP / ACTION EXISTING AUTHZ SOLUTIONS
▸ Round-trips ▸ Roles, Groups, etc ▸ Complex
▸ Round-trips ▸ Roles, Groups, etc ▸ Complex
SIMPLIFIED
 AUTHORIZATION
Read
AREA 1 AREA 2 AREA 3 Action
AREASERVICE ACTION analytics verizon write
SERVICE ACTIONGLOBAL analytics writeglobal
Action GLOBAL
AREA 1 AREA 2 AREA 3 Action GLOBAL
{ 
 "analytics": {
 "write": ["verizon", "att"],
 "read": ["global"]
 },
 "data_science": {
 "report": ["att"]
 }
 }
JWT - PAYLOAD { "email": "mfatemian@redventures.com",
 "userName": "mfatemian",
 "firstName": "Majid",
 "lastName": "Fatemian",
 "employeeID": "11520",
 "permissions":{"analytics": {"write":
 ["verizon","att"],"read": ["global"]},"data_science":
 {"report": ["att"]}},
 "jti": "7bc4561ab-b6c8e2-76b1-31a3-a9bb90fb67c",
 "iat": 1487910598,
 "exp": 1487953798
 }
JWT - PAYLOAD { "email": "mfatemian@redventures.com",
 "userName": "mfatemian",
 "firstName": "Majid",
 "lastName": "Fatemian",
 "employeeID": "11520",
 "permissions":{"analytics": {"write":
 ["verizon","att"],"read": ["global"]},"data_science":
 {"report": ["att"]}},
 "jti": "7bc4561ab-b6c8e2-76b1-31a3-a9bb90fb67c",
 "iat": 1487910598,
 "exp": 1487953798
 }
HTTP 413 - REQUEST ENTITY TOO LARGE Default
 Header
 8K
gzip | base64
JWT - PAYLOAD { "email": "mfatemian@redventures.com",
 "userName": "mfatemian",
 "firstName": "Majid",
 "lastName": "Fatemian",
 "employeeID": "11520",
 "permissions": "H4sIAAmrs1gAAx3L…qAIBRF0XnLeGN",
 "jti": "7bc4561ab-b6c8e2-76b1-31a3-a9bb90fb67c",
 "iat": 1487910598,
 "exp": 1487953798
 }
JWT - PAYLOAD { "email": "mfatemian@redventures.com",
 "userName": "mfatemian",
 "firstName": "Majid",
 "lastName": "Fatemian",
 "employeeID": "11520",
 "permissions": "H4sIAAmrs1gAAx3L…qAIBRF0XnLeGN",
 "jti": "7bc4561ab-b6c8e2-76b1-31a3-a9bb90fb67c",
 "iat": 1487910598,
 "exp": 1487953798
 }
SAML JWT SERVICE
 1 SERVICE
 2 SERVICE
 3 + JWT
SAML + JWT
 +
 PERMISSIONS JWT SERVICE
 1 SERVICE
 2 SERVICE
 3 AUTHORIZATION PERMISSIONS
+ JWT DATASCIENCE
 ATT&T READ Y / N {
▸ Centralized ▸ Simple ▸ Scalable ▸ Monitoring ▸ Easily Manageable
SAML + JWT
 +
 PERMISSIONS JWT SERVICE
 1 SERVICE
 2 SERVICE
 3 AUTHORIZATION PERMISSIONS
SAML + JWT
 +
 PERMISSIONS JWT SERVICE
 1 SERVICE
 2 SERVICE
 3 AUTHORIZATION PERMISSIONS MANAGEMENT
AUTHORIZATION SERVICE, AUTHORIZES ITSELF + JWT AUTHORIZATION
 DATA SCIENCE ADD USER Y / N {
INTEGRATION
THE PROBLEM AD GROUPS CUSTOM AD GROUPS CUSTOM
CLIENT LIBS }golang C# JavaScript PHP
IsAuthorized(JWT, "data_science", "verizon", "read") True | False
TRACKING ANALYSIS BILLING ORDERING SERVICE
 ABILITY GEO CHAT 01011 R E D V E N T U R E S DATA
 SCIENCE
TRACKING ANALYSIS BILLING ORDERING SERVICE
 ABILITY GEO CHAT 01011 R E D V E N T U R E S DATA
 SCIENCE
MONITORING & ALERTING TRACKING ANALYSIS BILLING ORDERING SERVICE
 ABILITY MONITORING ALERTING DATA
 SCIENCE LOGGING
▸ Centralized ▸ Simple ▸ Scalable ▸ Monitoring ▸ Easily Manageable
▸ Open source ▸ Okta dependency FUTURE WORK
REUSE BUILD1 2 TOKEN BASED AUTH 3 SIMPLE ≠ INSECURE >
THANK YOU! QUESTIONS?
Securing MicroServices - ConFoo 2017

Empfohlen

Microservices
MicroservicesMicroservices
MicroservicesArtur Prado
 
Get more than a cache back! - ConFoo Montreal
Get more than a cache back! - ConFoo MontrealGet more than a cache back! - ConFoo Montreal
Get more than a cache back! - ConFoo MontrealMaarten Balliauw
 
Microservices Minus the Hype: How to Build and Why
Microservices Minus the Hype: How to Build and WhyMicroservices Minus the Hype: How to Build and Why
Microservices Minus the Hype: How to Build and WhyMark Heckler
 
Monitoring system with Grafana and StatsD
Monitoring system with Grafana and StatsDMonitoring system with Grafana and StatsD
Monitoring system with Grafana and StatsDArtur Prado
 
Docker and java, at Montréal JUG
Docker and java, at Montréal JUGDocker and java, at Montréal JUG
Docker and java, at Montréal JUGAnthony Dahanne
 
The Soul in The Machine - Developing for Humans
The Soul in The Machine - Developing for HumansThe Soul in The Machine - Developing for Humans
The Soul in The Machine - Developing for HumansChristian Heilmann
 
DNS for Developers - ConFoo Montreal
DNS for Developers - ConFoo MontrealDNS for Developers - ConFoo Montreal
DNS for Developers - ConFoo MontrealMaarten Balliauw
 
The Progressive Web and its New Challenges - Confoo Montréal 2017
The Progressive Web and its New Challenges - Confoo Montréal 2017The Progressive Web and its New Challenges - Confoo Montréal 2017
The Progressive Web and its New Challenges - Confoo Montréal 2017Christian Heilmann
 

Empfohlen

Microservices
MicroservicesMicroservices
MicroservicesArtur Prado
 
Get more than a cache back! - ConFoo Montreal
Get more than a cache back! - ConFoo MontrealGet more than a cache back! - ConFoo Montreal
Get more than a cache back! - ConFoo MontrealMaarten Balliauw
 
Microservices Minus the Hype: How to Build and Why
Microservices Minus the Hype: How to Build and WhyMicroservices Minus the Hype: How to Build and Why
Microservices Minus the Hype: How to Build and WhyMark Heckler
 
Monitoring system with Grafana and StatsD
Monitoring system with Grafana and StatsDMonitoring system with Grafana and StatsD
Monitoring system with Grafana and StatsDArtur Prado
 
Docker and java, at Montréal JUG
Docker and java, at Montréal JUGDocker and java, at Montréal JUG
Docker and java, at Montréal JUGAnthony Dahanne
 
The Soul in The Machine - Developing for Humans
The Soul in The Machine - Developing for HumansThe Soul in The Machine - Developing for Humans
The Soul in The Machine - Developing for HumansChristian Heilmann
 
DNS for Developers - ConFoo Montreal
DNS for Developers - ConFoo MontrealDNS for Developers - ConFoo Montreal
DNS for Developers - ConFoo MontrealMaarten Balliauw
 
The Progressive Web and its New Challenges - Confoo Montréal 2017
The Progressive Web and its New Challenges - Confoo Montréal 2017The Progressive Web and its New Challenges - Confoo Montréal 2017
The Progressive Web and its New Challenges - Confoo Montréal 2017Christian Heilmann
 
Accessible & Usable Web Forms. Your How To Guide!
Accessible & Usable Web Forms. Your How To Guide!Accessible & Usable Web Forms. Your How To Guide!
Accessible & Usable Web Forms. Your How To Guide!Rabab Gomaa
 
ConFoo 2017: Introduction to performance optimization of .NET web apps
ConFoo 2017: Introduction to performance optimization of .NET web appsConFoo 2017: Introduction to performance optimization of .NET web apps
ConFoo 2017: Introduction to performance optimization of .NET web appsPierre-Luc Maheu
 
Sensible scaling
Sensible scalingSensible scaling
Sensible scalingRowan Merewood
 
Git store
Git storeGit store
Git storeKirsten Hunter
 
Api intensive - What they Are
Api intensive - What they AreApi intensive - What they Are
Api intensive - What they AreKirsten Hunter
 
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?Mark Heckler
 
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...Mark Heckler
 
Designing irresistible apis
Designing irresistible apisDesigning irresistible apis
Designing irresistible apisKirsten Hunter
 
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?Mark Heckler
 
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Mark Heckler
 
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Mark Heckler
 
Going Reactive with Spring 5 & Project Reactor
Going Reactive with Spring 5 & Project ReactorGoing Reactive with Spring 5 & Project Reactor
Going Reactive with Spring 5 & Project ReactorMark Heckler
 
Protect your Users with Circuit breakers
Protect your Users with Circuit breakersProtect your Users with Circuit breakers
Protect your Users with Circuit breakersScott Triglia
 
Techniques for Cross Platform .NET Development
Techniques for Cross Platform .NET DevelopmentTechniques for Cross Platform .NET Development
Techniques for Cross Platform .NET DevelopmentJeremy Hutchinson
 
Making The Most Of Internship
Making The Most Of Internship Making The Most Of Internship
Making The Most Of Internship Pramod Kumar Srivastava
 
Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...
Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...
Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...Robert Brandel
 
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)apidays
 
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...Codemotion
 
PistonHead's use of MongoDB for Analytics
PistonHead's use of MongoDB for AnalyticsPistonHead's use of MongoDB for Analytics
PistonHead's use of MongoDB for AnalyticsAndrew Morgan
 
Losant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseLosant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseCapgemini
 
126 Golconde
126 Golconde126 Golconde
126 Golcondeelliando dias
 
Office Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAsOffice Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAsMike Walker
 

Weitere ähnliche Inhalte

Andere mochten auch

Accessible & Usable Web Forms. Your How To Guide!
Accessible & Usable Web Forms. Your How To Guide!Accessible & Usable Web Forms. Your How To Guide!
Accessible & Usable Web Forms. Your How To Guide!Rabab Gomaa
 
ConFoo 2017: Introduction to performance optimization of .NET web apps
ConFoo 2017: Introduction to performance optimization of .NET web appsConFoo 2017: Introduction to performance optimization of .NET web apps
ConFoo 2017: Introduction to performance optimization of .NET web appsPierre-Luc Maheu
 
Api intensive - What they Are
Api intensive - What they AreApi intensive - What they Are
Api intensive - What they AreKirsten Hunter
 
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?Mark Heckler
 
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...Mark Heckler
 
Designing irresistible apis
Designing irresistible apisDesigning irresistible apis
Designing irresistible apisKirsten Hunter
 
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?Mark Heckler
 
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Mark Heckler
 
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Mark Heckler
 
Going Reactive with Spring 5 & Project Reactor
Going Reactive with Spring 5 & Project ReactorGoing Reactive with Spring 5 & Project Reactor
Going Reactive with Spring 5 & Project ReactorMark Heckler
 
Protect your Users with Circuit breakers
Protect your Users with Circuit breakersProtect your Users with Circuit breakers
Protect your Users with Circuit breakersScott Triglia
 
Techniques for Cross Platform .NET Development
Techniques for Cross Platform .NET DevelopmentTechniques for Cross Platform .NET Development
Techniques for Cross Platform .NET DevelopmentJeremy Hutchinson
 

Andere mochten auch (15)

Accessible & Usable Web Forms. Your How To Guide!
Accessible & Usable Web Forms. Your How To Guide!Accessible & Usable Web Forms. Your How To Guide!
Accessible & Usable Web Forms. Your How To Guide!
 
ConFoo 2017: Introduction to performance optimization of .NET web apps
ConFoo 2017: Introduction to performance optimization of .NET web appsConFoo 2017: Introduction to performance optimization of .NET web apps
ConFoo 2017: Introduction to performance optimization of .NET web apps
 
Sensible scaling
Sensible scalingSensible scaling
Sensible scaling
 
Git store
Git storeGit store
Git store
 
Api intensive - What they Are
Api intensive - What they AreApi intensive - What they Are
Api intensive - What they Are
 
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
 
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...
Living on the Edge (Service): Bundling Microservices to Optimize Consumption ...
 
Designing irresistible apis
Designing irresistible apisDesigning irresistible apis
Designing irresistible apis
 
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
This stuff is cool, but...HOW CAN I GET MY COMPANY TO DO IT?
 
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
 
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
Clouds & Containers: Hit the High Points and Give it to Me Straight, What's t...
 
Going Reactive with Spring 5 & Project Reactor
Going Reactive with Spring 5 & Project ReactorGoing Reactive with Spring 5 & Project Reactor
Going Reactive with Spring 5 & Project Reactor
 
Protect your Users with Circuit breakers
Protect your Users with Circuit breakersProtect your Users with Circuit breakers
Protect your Users with Circuit breakers
 
Techniques for Cross Platform .NET Development
Techniques for Cross Platform .NET DevelopmentTechniques for Cross Platform .NET Development
Techniques for Cross Platform .NET Development
 
Making The Most Of Internship
Making The Most Of Internship Making The Most Of Internship
Making The Most Of Internship
 

Ähnlich wie Securing MicroServices - ConFoo 2017

Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...
Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...
Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...Robert Brandel
 
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)apidays
 
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...Codemotion
 
PistonHead's use of MongoDB for Analytics
PistonHead's use of MongoDB for AnalyticsPistonHead's use of MongoDB for Analytics
PistonHead's use of MongoDB for AnalyticsAndrew Morgan
 
Losant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseLosant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseCapgemini
 
Office Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAsOffice Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAsMike Walker
 
DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10
DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10
DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10DevSecCon
 
Oracle Goldengate for Big Data - LendingClub Implementation
Oracle Goldengate for Big Data - LendingClub ImplementationOracle Goldengate for Big Data - LendingClub Implementation
Oracle Goldengate for Big Data - LendingClub ImplementationVengata Guruswamy
 
LendingClub RealTime BigData Platform with Oracle GoldenGate
LendingClub RealTime BigData Platform with Oracle GoldenGateLendingClub RealTime BigData Platform with Oracle GoldenGate
LendingClub RealTime BigData Platform with Oracle GoldenGateRajit Saha
 
AWS Neptune - A Fast and reliable Graph Database Built for the Cloud
AWS Neptune - A Fast and reliable Graph Database Built for the CloudAWS Neptune - A Fast and reliable Graph Database Built for the Cloud
AWS Neptune - A Fast and reliable Graph Database Built for the CloudAmazon Web Services
 
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby MeetupBecoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby MeetupAndy Maleh
 
IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...
IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...
IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...KnowThings
 
CQRS and Event Sourcing: A DevOps perspective
CQRS and Event Sourcing: A DevOps perspectiveCQRS and Event Sourcing: A DevOps perspective
CQRS and Event Sourcing: A DevOps perspectiveMaria Gomez
 
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...apidays
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...TI Safe
 
Practical Secure Coding Workshop - {DECIPHER} Hackathon
Practical Secure Coding Workshop - {DECIPHER} HackathonPractical Secure Coding Workshop - {DECIPHER} Hackathon
Practical Secure Coding Workshop - {DECIPHER} HackathonStefan Streichsbier
 
EDA Meets Data Engineering – What's the Big Deal?
EDA Meets Data Engineering – What's the Big Deal?EDA Meets Data Engineering – What's the Big Deal?
EDA Meets Data Engineering – What's the Big Deal?confluent
 
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Amazon Web Services
 

Ähnlich wie Securing MicroServices - ConFoo 2017 (20)

Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...
Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...
Slideshare.net rh-isac summit 2019 - adam pennington - leveraging mitre at ta...
 
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)
APIsecure 2023 - What if privacy had an API?, Sean Falconer (Skyflow)
 
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...
Boxcars and Cabooses: When one more XHR is too much - Peter Chittum - Codemot...
 
PistonHead's use of MongoDB for Analytics
PistonHead's use of MongoDB for AnalyticsPistonHead's use of MongoDB for Analytics
PistonHead's use of MongoDB for Analytics
 
Losant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseLosant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouse
 
126 Golconde
126 Golconde126 Golconde
126 Golconde
 
Office Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAsOffice Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAs
 
DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10
DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10
DevSecCon London 2018: Securing a web app: business security VS the OWASP top 10
 
Oracle Goldengate for Big Data - LendingClub Implementation
Oracle Goldengate for Big Data - LendingClub ImplementationOracle Goldengate for Big Data - LendingClub Implementation
Oracle Goldengate for Big Data - LendingClub Implementation
 
LendingClub RealTime BigData Platform with Oracle GoldenGate
LendingClub RealTime BigData Platform with Oracle GoldenGateLendingClub RealTime BigData Platform with Oracle GoldenGate
LendingClub RealTime BigData Platform with Oracle GoldenGate
 
AWS Neptune - A Fast and reliable Graph Database Built for the Cloud
AWS Neptune - A Fast and reliable Graph Database Built for the CloudAWS Neptune - A Fast and reliable Graph Database Built for the Cloud
AWS Neptune - A Fast and reliable Graph Database Built for the Cloud
 
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby MeetupBecoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
Becoming a SOC2 Ruby Shop - Montreal.rb November, 5, 2022 Ruby Meetup
 
IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...
IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...
IoT Developer Confrence - A Novel Approach: IoT Device Virtualization using M...
 
CQRS and Event Sourcing: A DevOps perspective
CQRS and Event Sourcing: A DevOps perspectiveCQRS and Event Sourcing: A DevOps perspective
CQRS and Event Sourcing: A DevOps perspective
 
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...
apidays LIVE Jakarta - E5 ways to make your integration more resilient by Je...
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
 
Practical Secure Coding Workshop - {DECIPHER} Hackathon
Practical Secure Coding Workshop - {DECIPHER} HackathonPractical Secure Coding Workshop - {DECIPHER} Hackathon
Practical Secure Coding Workshop - {DECIPHER} Hackathon
 
EDA Meets Data Engineering – What's the Big Deal?
EDA Meets Data Engineering – What's the Big Deal?EDA Meets Data Engineering – What's the Big Deal?
EDA Meets Data Engineering – What's the Big Deal?
 
GE’s Industrial Data Lake Platform
GE’s Industrial Data Lake PlatformGE’s Industrial Data Lake Platform
GE’s Industrial Data Lake Platform
 
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
 

Kürzlich hochgeladen

Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
tonesoftg
tonesoftgtonesoftg
tonesoftglanshi9
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplatePresentation.STUDIO
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrainmasabamasaba
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...masabamasaba
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...SelfMade bd
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyviewmasabamasaba
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareJim McKeeth
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...masabamasaba
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrandmasabamasaba
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...masabamasaba
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 

Kürzlich hochgeladen (20)

Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 

Securing MicroServices - ConFoo 2017