Microservices Security in Action

  • 20h 59m 50s
  • Nuwan Dias, Prabath Siriwardena
  • Manning Publications
  • 2021

About the technology

Integrating independent services into a single system presents special security challenges in a microservices deployment. With proper planning, however, you can build in security from the start. Learn to create secure services and protect application data throughout development and deployment. As microservices continue to change enterprise application systems, developers and architects must learn to integrate security into their design and implementation. Because microservices are created as a system of independent components, each a possible point of failure, they can multiply the security risk.

About the book

Microservices Security in Action is filled with solutions, teaching best practices for throttling and monitoring, access control, and microservice-to-microservice communications. Along the way, authors and software security experts Prabath Siriwardena and Nuwan Dias shine a light on important concepts like throttling, analytics gathering, access control at the API gateway, and microservice-to-microservice communication. You'll also discover how to securely deploy microservices using state-of-the-art technologies including Kubernetes, Docker, and the Istio service mesh. When you're finished listening, you'll be planning, designing, and implementing microservices applications with the priceless confidence that comes with knowing they're secure!

What's inside

  • Microservice security concepts
  • Edge services with an API gateway
  • Deployments with Docker, Kubernetes, and Istio
  • Security testing at the code level
  • Communications with HTTP, gRPC, and Kafka

In this Audiobook

  • Chapter 1 - Microservices Security Landscape
  • Chapter 2 - First Steps in Securing Microservices
  • Chapter 3 - Securing North/South Traffic with an API Gateway
  • Chapter 4 - Accessing a Secured Microservice via a Single-Page Application
  • Chapter 5 - Engaging Throttling, Monitoring, and Access Control
  • Chapter 6 - Securing East/West Traffic with Certificates
  • Chapter 7 - Securing East/West Traffic with JWT
  • Chapter 8 - Securing East/West Traffic over gRPC
  • Chapter 9 - Securing Reactive Microservices
  • Chapter 10 - Conquering Container Security with Docker
  • Chapter 11 - Securing Microservices on Kubernetes
  • Chapter 12 - Securing Microservices with Istio Service Mesh
  • Chapter 13 - Secure Coding Practices and Automation


Rating 4.4 of 17 users Rating 4.4 of 17 users (17)
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)