Reinhard Kugler

Security Challenges of Breaking A Monolith

How can a single vulnerability in one container compromise your entire system? Discover the hidden security risks of breaking up a monolith.

Security Challenges of Breaking A Monolith
#1about 7 minutes

Understanding the problems with a monolithic architecture

A monolithic video processing application faces challenges with scaling, high costs from idle power, and a lack of reliability.

#2about 2 minutes

Decomposing the monolith into a microservice architecture

The application is broken down into distinct services like an API, a message broker, a transcoding worker, and S3 storage.

#3about 2 minutes

Securing container images and the software supply chain

The initial step of containerization reveals that official base images often contain known vulnerabilities, highlighting supply chain risks.

#4about 4 minutes

Defining trust boundaries for authentication and authorization

Breaking down the application creates new trust boundaries between frontend and backend components, requiring robust authentication and authorization.

#5about 8 minutes

Using bucket policies and pre-signed URLs for S3 access

AWS S3 access is controlled using bucket policies for broad rules and pre-signed URLs for providing temporary, specific access to objects.

#6about 3 minutes

Preventing malicious uploads with input validation

An AWS Lambda function can be triggered on file uploads to S3 to perform validation and prevent attackers from hosting malicious content.

#7about 5 minutes

Analyzing the impact of a container vulnerability

A vulnerability in a transcoding library like FFmpeg can be exploited through a malicious file, leading to code execution and access to secrets within the container.

#8about 2 minutes

Comparing security trade-offs of monoliths vs microservices

While microservices increase the attack surface and complexity, they offer better isolation, making privilege escalation more difficult than in a monolith.

#9about 11 minutes

Q&A on microservice architecture and security

The speaker answers audience questions about using AI in security, starting new projects, and identifying threats in a microservice architecture.

Related jobs
Jobs that call for the skills explored in this talk.

Featured Partners

Related Videos

You can’t hack what you can’t see29:34

You can’t hack what you can’t see

Reto Kaeser

DevSecOps: Security in DevOps33:20

DevSecOps: Security in DevOps

Aarno Aukia

Securing Your Web Application Pipeline From Intruders44:30

Securing Your Web Application Pipeline From Intruders

Milecia McGregor

Cyber Security: Small, and Large!37:32

Cyber Security: Small, and Large!

Martin Schmiedecker

Climate vs. Weather: How Do We Sustainably Make Software More Secure?51:41

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Panel Discussion

Maturity assessment for technicians or how I learned to love OWASP SAMM1:41:05

Maturity assessment for technicians or how I learned to love OWASP SAMM

Mathias Tausig

Get started with securing your cloud-native Java microservices applications1:48:32

Get started with securing your cloud-native Java microservices applications

Thomas Südbröcker

Walking into the era of Supply Chain Risks37:36

Walking into the era of Supply Chain Risks

Vandana Verma

From learning to earning

Jobs that call for the skills explored in this talk.

Rust and GoLang

Rust and GoLang

NHe4a GmbH
Karlsruhe, Germany

Remote
55-65K
Intermediate
Senior
Go
Rust

Security Engineer

freiheit.com technologies gmbh
Hamburg, Germany

Unix
Azure
Docker
Terraform
Kubernetes
+3