Conferences Conferences-2020 Conferences-Upcoming

Sec4Dev Vienna – Microservice Security Bootcamp

sec4dev Vienna

24.02.2020: Sec4Dev Vienna – Microservices Security Bootcamp

All developers today are also DevSecOps engineers even if they are not aware of it. In this Bootcamp, you will learn how to secure cloud-native Java microservices. First, we will look into what are the common security risks for server-side applications. Then we will directly dive into the hands-on coding parts to see how we can mitigate those security risks in our own applications. Specifically, we’ll see how the security patterns are implemented with the most widely used frameworks Spring Boot and Micronaut. In the last part, you will also learn how to deploy your applications securely as containers into a Kubernetes cluster.

Training content:

  • OWASP Top 10 (Web Application Security Risks)
  • OWASP Docker Top 10
  • Securing Spring Boot applications
  • Securing Micronaut applications
  • Authentication and Authorization
  • Basic Auth, MTLS, WebAuthn
  • OAuth 2.0 and OpenID Connect
  • Configuring HTTPS connections
  • Encryption and password hashing
  • Security response headers
  • Defense against SQL injection, XSS, and CSRF
  • Securing both blocking servlet-based and non-blocking reactive web applications
  • Container- and Kubernetes Security
  • Automated security tests

Full session description (Sec4Dev 2020 website)