August 15, 2017 at 6:30 PM

ISSA National Capital Chapter August meeting topic:

Securing Microservices 
by Jack Mannino

 

Abstract
Microservices offer a lot of benefits for deploying large-scale applications, but implementing a secure architecture that scales over time can be challenging. Services are highly decoupled from each other as well as producers and consumers of data moving throughout the architecture. Data contracts between services are often blurry, and data sharing between microservices require careful consideration around access patterns and boundaries between related services. New services come, new services go. Some are deployed to containers, some to servers, and some are serverless. Your developers, data scientists, and infrastructure team are all empowered to move quickly and ship new services. Your job is to make sure all of the above happens in a secure and sane way. Microservices offer a lot of benefits for deploying large-scale applications, but implementing a secure architecture that scales over time can be challenging. Services are highly decoupled from each other as well as producers and consumers of data moving throughout the architecture. Data contracts between services are often blurry, and data sharing between microservices require careful consideration around access patterns and boundaries between related services. New services come, new services go. Some are deployed to containers, some to servers, and some are serverless. Your developers, data scientists, and infrastructure team are all empowered to move quickly and ship new services. Your job is to make sure all of the above happens in a secure and sane way. 

In this presentation, we will discuss the challenges with securing microservices and present solutions to make security a seamless and frictionless part of scaling your architecture. Using real-world examples of successes and failures while building a microservice architecture, we will discuss what translates well from monolithic design to microservices, and the bad habits you should leave behind. At the end of this presentation, you’ll understand what separates microservices from traditional monolithic applications and understand the problem space from a secure architectural perspective.

About the Speaker
Jack Mannino is the CEO and founder of nVisium, a technology company focused on making secure development scale. Passionate about technology and solving problems, his expertise spans over 15 years of building, breaking and securing software. Jack founded nVisium in 2009 to invent, test and provide new and more efficient methods of protecting software. He has spoken at conferences globally on topics including software security architecture, mobile application security, and DevOps.

 

 

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

 

Tuesday, August 15, 2017 6:30 PM

Center for American Progress (CAP)
1333 H St. NW
10th Floor
Washington, DC, 20005

Click here for details.