Security for API/Microservice Architectures
Many organisations are changing their architectural approach to software. API based and microservice architectures are providing mechanisms for fast iteration and functionality deployment without the fragility and coupling that comes from working on older, complex monoliths.
While the benefits of these changes are clear, the implementation details can provide a range of security challenges.
This 2 day course will examine some of the specific security considerations that need to addressed when moving from monolith to micro-service, how to address them and the challenges you might encounter on the way.
This course is an Extension level course. All students are required to have a base level of security knowledge and may have attended an appropriate Foundation level course such as Security for Software Developers.
In addition, it is highly recommended that all students have basic practical experience with developing API or micro-service based systems.
This course builds upon basic application security principles and links them to the architectural features of API/micro-service systems.
Service decomposition and coupling
Risk in distributed architectures
Use of third party components and services
Authentication and authorization
API consumption models vs. threats
Using API gateways securely
Logging and monitoring
This course is designed to be hands on and interactive. Lecture material is combined with a range of custom built labs to test students and let them experiment with the vulnerabilities in action.
2 days (08:30 - 16:30)
SUITABLE FOR ROLES
Price per person
$1200 (excluding GST)