Skip to main content

Posts

Showing posts from July, 2019

Deals You Can't Miss

1 Year Subscription

Securing Microservices in the Cloud

Securing Micro-services is a tall order objective. Like any other thing in the realm of software development, there are a lot of tings to be taken into consideration on the approach to be taken in securing micro-services. There is no panacea for all threats. And assuming even if one exists, attempting to secure every service with highest levels using a single mechanism is simply over-doing the task that dampens other non-functional requirements (performance and scale). So what are some of the things to take into account for security? The answer to that would be to ask yourself the following questions: Who are the direct consumers to that service? Or is your service external-facing exposed to the internet or just an internal service? API Gateway Pattern is a very popular pattern for securing edge-services by handling authentication and service discovery. Each external request is signed, which provides additional layer of authentication.  For internal services, isn't the fire