Agile + DevOps East 2018 Concurrent Session : Modern Security with Microservices and the Cloud
Wednesday, November 7, 2018 - 11:30am to 12:30pm

Modern Security with Microservices and the Cloud

Add to calendar

It's great that you've moved to microservices, but how are you handling security and distributing secrets? Traditional architectures use perimeter-based security, but you can't exactly wrap the cloud in your own personal firewall. Many organizations are practicing "lift and shift" to leverage the cloud, but then find themselves at the end of failed compliance audits. Seth Vargo will highlight the new security challenges associated with using cloud technologies and microservices, then showcase techniques for solving those challenges. Using HashiCorp Vault, a free and open source secrets management tool, he'll show the primitive requirements for secrets management in a microservices- and cloud-based world to help organizations "move and improve." You'll learn techniques such as dynamic, auto-rotating credentials, encryption as a service, PKI infrastructure, and role-based access controls (RBAC), and leave with an understanding of the challenges of modern security in the cloud, strategies for updating existing applications to reduce attack surfaces, and probably a moderate sense of paranoia.


Seth Vargo

Seth Vargo is a developer advocate at Google. Previously he worked at HashiCorp, Chef Software, CustomInk, and a few Pittsburgh-based startups. He is the coauthor of Learning Chef and is passionate about reducing inequality in technology. When he is not writing, working on open source, teaching, or speaking at conferences, Seth enjoys spending time with his friends and advising nonprofits.