Securing Multi-cloud, Portable, N-Tier Microservices Applications

Title: Securing the Multi-cloud, Portable, *-Tier Microservice Application: A live demo on Cloud-Native Application Security Platforms: Curiefense, Deepfense, Sysdig, Snyk Code, and Aqua Security Trivy & tfsec

Securing the Multi-cloud, Portable, *-Tier Microservice Application that potentially run anywhere such as an on-premise K8S, or on multiple cloud (AKS, EKS, GKE, etc) can truly be a real challenge to microservices developers (yours truly!) and security folks alike.

In this session, we will see how some open-source cloud-native platforms can make developers' lives a little easier (phew!). There will be a live demo on Curiefense, an open source, Envoy-Based cloud native security platform. Envoy is an open source edge and service proxy, designed for cloud-native applications.

There will also be a demo on Snyk Code and Sysdig.

Finally we will see how developers can integrate Aqua Security Trivy into their CI tool to scan for vulnerabilities in docker images and learn how to secure IAC with tfsec, a static analysis security scanner for Terraform.

Speaker: Nathan Aw
Nathan Aw is first and foremost a microservices developer then turned AppSec architect working in an end-user environment in a financial institution. His passion is for building secure, scalable polyglot microservices that can run anywhere and scale limitlessly.