This is the longer, 90 min version of my Microservices talk, as presented at Velocity 2016 in Santa Clara.
Security is everyone’s job, even if you’re not a specialist. Microservices offer many options for securing your systems. Done right, microservices can increase the security of your vital data and processes. Done wrong, and they can increase the surface area of attack. Sam Newman explores the importance of defense in depth, discussing the many different ways in which you can secure your fine-grained, distributed architectures and outlining a model to show how developers can think about application security and how they can play their part. From there, Sam dives into the specific challenges in microservice architectures and explains how application security principles can be applied to these often much more complex application architectures. You’ll leave with a high-level framework for thinking about application security and tools that help with prevention, detection, response, and recovery, as well as the knowledge of what not to do when breaches happen.