A monolithic video processing application faces challenges with scaling, high costs from idle power, and a lack of reliability.
The application is broken down into distinct services like an API, a message broker, a transcoding worker, and S3 storage.
The initial step of containerization reveals that official base images often contain known vulnerabilities, highlighting supply chain risks.
Breaking down the application creates new trust boundaries between frontend and backend components, requiring robust authentication and authorization.
AWS S3 access is controlled using bucket policies for broad rules and pre-signed URLs for providing temporary, specific access to objects.
An AWS Lambda function can be triggered on file uploads to S3 to perform validation and prevent attackers from hosting malicious content.
A vulnerability in a transcoding library like FFmpeg can be exploited through a malicious file, leading to code execution and access to secrets within the container.
While microservices increase the attack surface and complexity, they offer better isolation, making privilege escalation more difficult than in a monolith.
The speaker answers audience questions about using AI in security, starting new projects, and identifying threats in a microservice architecture.
Bitpanda
Vienna, Austria
29:34Reto Kaeser
33:20Aarno Aukia
44:30Milecia McGregor
37:32Martin Schmiedecker
51:41Panel Discussion
37:36Vandana Verma
1:48:32Thomas Südbröcker
50:06Jens Happe
.gif?w=240&auto=compress,format)
Jobs that call for the skills explored in this talk.
Decentralized Masters
Charing Cross, United Kingdom
D-Wave Quantum Inc.
Portland, United States of America
Amazon.com, Inc
Charing Cross, United Kingdom
Akamai Technologies
Cambridge, United States of America
