This document appears to be a transcript of a presentation on application security and microservices. Summary:
1) The presentation discusses security challenges and strategies for microservices architectures, including transport security, authentication, authorization, encryption of data at rest, and perimeter security approaches.
2) Prevention, detection, response and recovery are emphasized as important aspects of a security strategy, along with practices like short-lived credentials, patching, and "repaving" or rebuilding systems on deployments.
3) Managing security risks across polyglot systems is highlighted as a challenge, as is the need to automate security practices and conduct thorough post-mortem analyses of incidents.
33. @samnewman#velocityconf
[Attack tree diagram; node labels by level]
Open Safe
Pick Lock | Learn Combo | Cut Open
Find Written Combo | Get Combo from the target
Blackmail | Threaten | Bribe
Node markings: Impossible, Impossible, Impossible, Possible, Possible, Possible
76.
“In the API server secret data is stored as plaintext in etcd”
http://kubernetes.io/docs/user-guide/secrets/#security-properties
89.
“At or near the top of security concerns in the
datacenter is something called an Advanced
Persistent Threat (APT). An APT gains
unauthorized access to a network and can stay
hidden for a long period of time. Its goal is
usually to steal, corrupt, or ransom data.”
- Justin Smith, Pivotal
148.
"[The employee responsible] didn't follow
procedures and clearly that's not a good thing
but I wouldn't want to pre-empt the proper
investigation and we'll figure out what the right
response is when we've had a chance to dig into
the detail."
- Australian Financial Review
http://www.afr.com/business/telecommunications/telstra-mobile-network-down-across-australia-reports-20160209-gmpaty
151.
“Finding the root cause of a
failure is like finding a root
cause of a success.”
http://www.kitchensoap.com/2012/02/10/each-necessary-but-only-jointly-sufficient/
John Allspaw