Reinhard Kugler

Security Challenges of Breaking A Monolith

How can a single vulnerability in one container compromise your entire system? Discover the hidden security risks of breaking up a monolith.

#1 about 7 minutes

Understanding the problems with a monolithic architecture

A monolithic video processing application faces challenges with scaling, high costs from idle power, and a lack of reliability.

#2 about 2 minutes

Decomposing the monolith into a microservice architecture

The application is broken down into distinct services like an API, a message broker, a transcoding worker, and S3 storage.

#3 about 2 minutes

Securing container images and the software supply chain

The initial step of containerization reveals that official base images often contain known vulnerabilities, highlighting supply chain risks.

#4 about 4 minutes

Defining trust boundaries for authentication and authorization

Breaking down the application creates new trust boundaries between frontend and backend components, requiring robust authentication and authorization.

#5 about 8 minutes

Using bucket policies and pre-signed URLs for S3 access

AWS S3 access is controlled using bucket policies for broad rules and pre-signed URLs for providing temporary, specific access to objects.

#6 about 3 minutes

Preventing malicious uploads with input validation

An AWS Lambda function can be triggered on file uploads to S3 to perform validation and prevent attackers from hosting malicious content.

#7 about 5 minutes

Analyzing the impact of a container vulnerability

A vulnerability in a transcoding library like FFmpeg can be exploited through a malicious file, leading to code execution and access to secrets within the container.

#8 about 2 minutes

Comparing security trade-offs of monoliths vs microservices

While microservices increase the attack surface and complexity, they offer better isolation, making privilege escalation more difficult than in a monolith.

#9 about 11 minutes

Q&A on microservice architecture and security

The speaker answers audience questions about using AI in security, starting new projects, and identifying threats in a microservice architecture.
