The video on-demand of this session is available to logged in QCon attendees only. Please login to your QCon account to watch the session.

Session + Live Q&A

Securing Microservices: Preventing Vulnerability Traversal

One of the advantages of microservices architecture is that teams can develop, maintain, and deploy each microservice independently. With single-responsibility, services can be scaled separately as required and doing so with a DevOps mentality substantially improves agility. 

How do we secure microservices and their deployments? Who owns what? Do we know what is in our microservices? Preventing vulnerability traversal is a must. Systems must be designed securely, and security as an afterthought does not scale. Platform engineers and SREs need to quickly identify owners and fix deployment vulnerabilities from inception to production. If log4j taught us anything, teams must have ownership, accountability and the power to make changes fast to keep their systems secure.

In this session, we’ll be looking at OWASP recommendations and Kubernetes best practices to find out more about how to secure your microservices and reduce vulnerability traversal.


Stefania Chaplin

Solutions Architect @GitLab

Stefania’s experience as a Solutions Architect within Cybersecurity, DevSecOps and OSS governance means she's helped countless organisations understand and implement security throughout their SDLC. As a python developer at heart, Stefania enjoys optimising and improving operational...

Read more


Tuesday May 17 / 12:20PM EDT (50 minutes)


Effective Microservices: What It Takes to Get the Most Out of This Approach


MicroservicesArchitectureApplication SecuritySecurityDevops

Add to Calendar

Add to calendar


From the same track

Session + Live Q&A Microservices

Airbnb at Scale

Tuesday May 17 / 01:30PM EDT

In 2018, Airbnb embarked on a high-stakes journey to transform our technology architecture from a monolithic Ruby app to a more scalable Service-Oriented Architecture (SOA). Three years on, we are in a good place to look back at what we have accomplished and reflect on where we are. In this talk,...

Selina Liu

Senior Software Engineer @Airbnb

Session Microservices

Pump It Up! Actually Gaining Benefit From Cloud Native Microservices

Tuesday May 17 / 10:00AM EDT

Please note: there will be no live Q&A after this session.So many organisations have flocked to 'cloud native', running containerised microservices on the public or private cloud, only to find the promised benefits fail to materialise. And we’ve seen the same...

Sam Newman

Microservice, Cloud, CI/CD Expert

Session + Live Q&A Microservices

No Next Next: Fighting Entropy in Your Microservices Architecture

Tuesday May 17 / 11:10AM EDT

Great! You’ve created your microservices architecture and you are reaping the benefits of independently deployable units and teams being wholly responsible for services. But a few years on and things aren’t quite as simple, clean and independent as they were originally. Maintaining...

Anna Shipman

Technical Director for Customer Products @FinancialTimes

View full Schedule