Microservices Security

Focused View

Wojciech Lesniak

3:04:59

78 View

01. Course Overview

01. Course Overview.mp4

01:46

02. Understanding the Complexities of Microservices Security

01. Course Introduction.mp4

04:27

02. Microservices Security Challenges.mp4

06:40

03. Module Wrap Up.mp4

01:06

03. Securing the Perimeter around Your Microservices

01. Module Introduction.mp4

00:31

02. Challenges with Edge Security.mp4

03:47

03. API Gateway. Exposing Your API Securely.mp4

02:50

04. Should You Consider Basic Authentication.mp4

02:19

05. Authenticating Clients with Certificates.mp4

02:33

06. Introducing Tokens.mp4

02:34

07. Leveraging a Security Token Service.mp4

04:10

08. By-references vs. By-value Tokens.mp4

04:43

09. Json Web Tokens.mp4

02:51

10. Delegated Authorization with OAuth2.mp4

05:30

11. The Reasons for OpenID Connect.mp4

06:43

12. Options for an API Gateway and Authorization Server.mp4

02:54

13. Module Wrap Up.mp4

01:38

04. Securing the Communication between Your Microservices

01. Module Introduction.mp4

04:01

02. Mutual Transport Layer Security.mp4

05:05

03. A Closer Look at the Trust Bootstrap Problem.mp4

02:33

04. Introducing the Demo.mp4

04:22

05. Using Tokens.mp4

03:56

06. OAuth2 Token Exchange.mp4

02:38

07. Sharing User Context between Your Microservices.mp4

03:38

08. Non-repudiation with Self-issued and Nested JWTs.mp4

01:48

09. Service to Service with OAuth2 Client Credentials Flow.mp4

02:15

10. Scope Based Authorization with OAuth2.mp4

03:02

11. Claims Based Access Control.mp4

01:36

12. Authorization as a Service.mp4

02:42

13. Module Wrap Up.mp4

01:55

05. Securing the Communication between Your Microservices and Public Clients

01. Module Introduction.mp4

02:14

02. Challenges with Public Clients.mp4

02:57

03. Authorization Code Flow with PKCE by OAuth2 Clients.mp4

01:27

04. Handling of the Access Token.mp4

03:04

05. Understanding Cross-origin Resource Sharing.mp4

02:06

06. Module Wrap Up.mp4

01:36

06. Defense in Depth- Leveraging Security Patterns in Your Microservices Architecture

01. Module Introduction.mp4

00:47

02. Challenges with JWT.mp4

02:02

03. Short-lived Access Tokens with Refresh Tokens.mp4

03:47

04. Handling Long-lived Tokens.mp4

04:03

05. A Closer Look at Authentication as a Microservice.mp4

03:03

06. Securing Reactive Microservices.mp4

03:58

07. Module Wrap Up.mp4

00:59

07. Monitoring and Throttling Your Microservices

01. Module Introduction.mp4

01:08

02. Auditing Sensitive Events.mp4

05:09

03. Proactively Monitoring Your Microservices.mp4

03:20

04. Throttling Your Microservices.mp4

04:49

05. Resiliency Questions You Need to Ask Yourself.mp4

01:31

06. Module Wrap Up.mp4

00:43

08. Decoupling Security from Your Microservices with Service Mesh

01. Module Introduction.mp4

02:34

02. Service Mesh with Istio.mp4

04:52

03. Module Wrap Up.mp4

02:47

09. Securely Developing and Deploying Your Microservices

01. Module Introduction.mp4

00:49

02. Dont Re-invent the Wheel.mp4

02:16

03. Keep It Simple and Automate.mp4

01:05

04. If You Do Only One Thing Then Do Patching.mp4

01:37

05. Obscure Everything but Dont Rely on Obscurity.mp4

02:01

06. Effective Secret Management.mp4

02:31

07. Secure Your Containers.mp4

03:47

08. Module Wrap Up.mp4

01:32

10. Fostering a Security Culture within Your Microservices Teams

01. Module Introduction.mp4

01:36

02. Visualize Your Architecture.mp4

02:14

03. Threat Modeling.mp4

03:02

04. Performing a Risk Assessment.mp4

03:58

05. Conducting Training and Code Reviews.mp4

00:56

06. Module Wrap Up.mp4

02:06

Description

Security breaches can be very costly, from loss of revenue, reputational damage, and even bankruptcy. In this course, you will learn how to navigate the unique security challenges of a microservice architecture.

What You'll Learn?

Microservices can provide a lot of flexibility and benefits to your application and organization. Security breaches can be very costly, from loss of revenue, reputational damage and possibly bankruptcy, hence it’s of utmost importance you get it right. In this course, Microservices Security Fundamentals, you will learn the best practices, principals, standards, and patterns to effectively design and implement security solutions for your desired microservices architecture. First, you will learn about the key challenges of securing microservices vs. traditional monolithic applications. Next, you will discover the various security patterns and techniques you can utilize to address these challenges, focusing on edge and service-service security, single page vs. multi-page applications, monitoring, alerting, and throttling. Finally, you will explore threat modeling techniques and how to foster a security culture within your microservices teams. When you finish this course, you will have the skills and knowledge to design and implement secure microservices required to protect your organization and users.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Microservices

Network Security

Information Security

Wojciech Lesniak

Instructor's Courses

Wojciech is a Technical Lead and Scrum Master. He has over 15 years' experience in software development working in a variety of industries from financial services and online gaming. He has extensive experience with anything Java, Spring framework, Microservices and has a passion for developing secure and scalable applications.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.