Useful Links
Computer Science
Cybersecurity
Microservices Security
1. Introduction to Microservices Security
2. Identity and Access Management (IAM)
3. Securing Service-to-Service Communication
4. Secrets Management
5. Container and Orchestration Security
6. Observability and Threat Detection
7. Advanced Security Concepts and Practices
Securing Service-to-Service Communication
Transport Layer Security
Enforcing TLS for All Traffic
TLS Configuration Best Practices
Certificate Authorities
TLS Version Requirements
Mutual TLS (mTLS) for Service Identity Verification
Service Identity Management
Certificate Rotation Strategies
mTLS Implementation Patterns
Certificate Management and Rotation
Automated Certificate Provisioning
Expiry Monitoring and Renewal
Certificate Revocation
API Gateways
Role in Security
Single Point of Entry
Centralized Policy Enforcement
Traffic Aggregation
Authentication and Authorization Offloading
Delegation to Gateway
Token Validation
Rate Limiting and Throttling
Preventing Abuse and DoS
Traffic Shaping
Request/Response Transformation and Validation
Input Validation
Output Filtering
Schema Validation
API Gateway Security Best Practices
Gateway Hardening
Logging and Auditing at the Gateway
High Availability Considerations
Service Mesh
Core Concepts
Control Plane
Configuration Management
Policy Distribution
Service Discovery
Data Plane (Sidecar Proxies)
Traffic Interception
Local Policy Enforcement
Load Balancing
Security Features
Automated mTLS
Transparent Encryption
Key Management
Certificate Lifecycle
Fine-grained Traffic Policies
Access Control Lists
Traffic Shaping
Circuit Breaking
Egress and Ingress Control
External Communication Restrictions
Service Whitelisting/Blacklisting
Traffic Routing Rules
Centralized Authorization Policies
Policy Synchronization
Auditing Policy Decisions
Policy Versioning
Previous
2. Identity and Access Management (IAM)
Go to top
Next
4. Secrets Management