C1. Building Patterns for Secure Microservices, an Approach and Pattern Zero Candidate
Wednesday, May 9, 2018
2:00 PM - 3:00 PM
So, you’ve committed to a micro-services journey? Well done! But what does that mean from a security point of view? Whether you are decomposing a monolith or building in a green field there are a plethora of design decisions to be made, many of which have security implications. But is there a well vetted catalog of well-known patterns and relevant security implications to draw from? Join us to discuss how to create a software design pattern stack, test it, and iterate to build a catalog of patterns for software security. We will walk thorugh version zero of our cloud-based, micro service architecture as a straw-man.
After completing this session, learner will:
- Understand what an architectural pattern is and the various levels of design they can be applied to
- Understand how architectural patterns are relevant to AppSec
- Understand how security architecture relates to patterns at various levels
- Be introduced to an initial set of security patterns relevant to application architecture
- Understand how to contribute to a the community effort to develop and document Security Architecture and AppSec patterns
Joe Gerber has over a decade of app sec experience, and came up through the ranks as a software engineer, software designer and architect. He is passionate about creating software design patterns that can improve how software works.
Christian Price has over a decade of experience in various information security domains and is passionate about transforming how security teams contribute value and unlock innovation. He is currently a cloud security architect, and enjoys the disruptive nature of clouds because they force us to challenge convention and to innovate.