Microservices Security in Action teaches readers how to secure their microservices applications code and infrastructure.

After a straightforward introduction to the challenges of microservices security, the book covers fundamentals to secure both the application perimeter and service-to-service communication. Following a hands-on example, readers explore how to deploy and secure microservices behind an API gateway as well as how to access microservices accessed by a single-page application (SPA).

Key Features

• Key microservices security fundamentals
• Securing service-to-service communication with mTLS and JWT
• Deploying and securing microservices with Docker
• Using Kubernetes security
• Securing event-driven microservices
• Using the Istio Service Mesh

For developers well-versed in microservices design principles who have a basic familiarity with Java.

About the technology

As microservices continue to change enterprise application systems, developers and architects must learn to integrate security into their design and implementation. Because microservices are created as a system of independent components, each a possible point of failure, they can multiply the security risk.

Prabath Siriwardena is the vice president of security architecture at WSO2, a company that produces open source software, and has more than 12 years of experience in the identity management and security domain.

Nuwan Dias is the director of API architecture at WSO2 and has worked in the software industry for more than 7 years, most of which he spent focusing on the API management domain. Both have helped build security designs for Fortune 500 companies including Boeing, Verizon, Nissan, HP, and GE.