Organised by IBM and Trifork, please register here: tinyurl.com/ibm-security-event
We will be giving away 15 free, hand-signed copies of Adrian Mouat's book "Using Docker" - shop.oreilly.com/product/[masked].do
1. Talk: Microservice Security: how to use Docker safely in Production (Adrian Mouat)
Adrian Mouat, Chief Scientist at Container Solutions and the author of the O'Reilly book "Using Docker", will give you his insights on how Docker is used as basis of all modern microservice architectures. This Strategy&Tech Talk will discuss the issues surrounding container security and the principle philosophies to apply when designing a secure system.Specific advice and tips will be given on how to secure a container based system, including how to limit the privileges of containers and avoid common mistakes.
2. Talk: Microservice vs. DevOps - How AppSec pipelines secure your delivery process (Maximilian Schöfmann)
This talk discusses the challenges applying DevOps practices like Continuous Delivery in the presence of classic enterprise security procedures. We'll introduce the concept of AppSec pipelines and how they can act as building block to secure the delivery process for software in DevOps organisations. Finally we'll demo how such a pipeline can be built and parallelised using Docker to give developers fast feedback after code changes.
3. Talk: IBM API Management for Securing MicroServices (Romeo Kienzler)
The Cloud and Data Science industry currently moves to an API based economy. But securing of Internet Accessible APIs is a non-trivial task. First, a user management has to be in place in order to distinguish among the different requests to either allow or block them or even prioritise them based on SLAs. Users have to be mapped to different plans and charged on their usage. Then, often these APIs are not provided for free, instead users are charged on their usage - in most of the cases on a call volume basis. Finally, APIs are public HTTPS endpoints discoverable by hackers. So a denial of service attack protection as well as a Application Layer Firewall is needed to prevent this. In this talk I'll introduce the IBM API Management Service capable of providing all these functions.
Register here: tinyurl.com/ibm-security-event