AppSec USA 2017 has ended
Back To Schedule
Thursday, September 21 • 11:30am - 12:15pm
Top 10 Security Best Practices to secure your Microservices

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

I have worked on enterprise APIs being used by millions of users worldwide both as a Enterprise Security Architect and as a developer building these services. In this session, I will talk about Top 10 ways to design and build secure Microservices to protect your users and your reputation. This top 10 list includes:


1. Use the latest version of TLS

2. Designing a secure Infrastructure and Network whether on prem or in cloud

3. Best Practices in Authentication to authentication your clients or end users.

4. Authorization of your end users or clients so they get just the right access based on least privilege and need to know.

5. Protecting your APIs against Distributed Denial of Service by using patterns such as Rate Limiting, Throttling, Daily limits etc.

6. Alerting and Monitoring your APIs to detect abnormal patterns and security issues.

7. API resiliency that directly affects Availability of your Microservices.

8. Encrypting & Hashing sensitive data - at rest and/or in transit - in memory, in cache and in db, in transit, in UI

9. Key management security

10. Session Management best practices


avatar for Chintan Jain

Chintan Jain

SVP, Security Engineering & Architecture, Security Mantra Corporation
Chintan Jain is an accomplished cyber security visionary, technology and thought leader with more than 15 years of rich full cycle experience in Cyber Security Engineering & Architecture mainly in the areas of Identity & Access Management, Application, Infrastructure and Cloud Security... Read More →

Thursday September 21, 2017 11:30am - 12:15pm EDT
Fiesta 6