DeveloperWeek New York 2020 is the East Coast’s largest developer & software engineering conference & expo with tracks covering Javascript, API & Microservices, Containers & Kubernetes, Blockchain, AI, Machine Learning & Data Science and more!
Get your free open pass here and a promotion code with a $150 discount will be applied automatically to your order — making your OPEN Pass completely free (or allowing you to purchase a PRO or Premium Pass at a $150 discount).
API Security in a Kubernetes World
– EST
The publication of the OWASP API Security Top 10 marks a corner stone in the API Security history. Finally, there is a global recognition that applications based on APIs require different protection. In the past year or so, more than 200 breaches have been published on apisecurity.io. Some very well known names are on that list: T-Mobile, Facebook, and Uber to name a few. What did they do wrong? How can we learn from their mistakes and take an approach that prevents most common API security issues.
The Kubernetes specifics:
API security is not specific to Kubernetes. But Kubernetes deployments, usually created to run microservices-based, decoupled applications, make some API security worse. To start with, the sheer number of APIs to manage and protect. In Kubernetes deployments, everything is an API. Enterprises end up having to protect 1000’s of endpoints, and to make it worse, those endpoints get re-deployed very frequently. DevSecOps anyone?
Pragmatism is key:
Our goal in this talk is to share pragmatic, direct actionable best practices. We present a methodology to “pick your battles” and focus on the most critical issues first. You will leave this with either the great satisfaction that you’ve already done a good job to protect your APIs or an actionable TO-DO list to address immediate issues.
Location
Get API Security news directly in your Inbox.
By clicking Subscribe you agree to our Data Policy
