As microservices replace monolithic applications, they're proving to be more flexible, but also more complex to secure and protect
The benefits of microservices architecture -- smaller development teams,
faster release cycles, fewer dependencies, less risk -- are becoming
widely known, thanks to companies like Amazon, Google, and Netflix
sharing their experiences. Less widely understood are the security
challenges introduced by this new paradigm, but the engineers in the
vanguard have wisdom to offer on this front as well.
You need to keep in mind more than a few details before you rip the
wrapping off the shiny new app containers. Instead of securing one
monolithic app or a couple, you're now responsible for perhaps dozens of
smaller services, all capable of interacting with each other in a
number of ways. What's more, you're trying to secure those services from
outside attack and internal misuse, deliberate or not.
