Microservices architecture is forcing developers to not only rethink how they design and develop applications, but also common security assumptions and practices. With the decomposition of traditional applications, each microservice instance represents a unique network endpoint, creating a distributed attack surface that is no longer limited to a few isolated servers or IP addresses. In this presention, we will review: -How microservices differ from SOA or monolithic architectures -Best practices for adopting and deploying secure microservices for production use -Avoiding continuous delivery of new vulnerabilities -Limiting attack vectors on a growing number of API endpoints -Protecting Internet-facing services from resource exhaustion