Overview What You Will Learn Curriculum Instructor

Course Overview

Around 2014 microservices became a buzzword. Today, microservices is a dominant architecture style for building distributed systems. However, there is no consensual definition of what is a microservice, or what are the guiding principles for designing and implementing microservices. 

Microservices expose services that are visible on your intranet or the Internet (e.g., HTTP endpoints of public APIs). Moreover, they often communicate through messages that use text-based formats that carry data and metadata (e.g., JSON). The security of microservices becomes critical for protecting the privacy and integrity of your data and services. However, it is a challenging task, as it involves four different aspects:

  • Security of data communication
  • Authentication and authorization
  • Application development security 
  • Monitoring and observability

These four aspects sound generic. Microservice is an architecture style of the cloud computing and DevOps era. In addition, microservices usually run as docker containers in a container orchestration platform. In this course, we explain and discuss strategies and technologies to address these four aspects of microservice security in a technology scenario that involves the cloud, DevOps, and container orchestration. 

The main goal of the course is to provide an overarching description of security requirements and existing alternatives for microservice security. We want to help your team and your organization to create microservice architectures and to offer a runtime infrastructure for them that can address the most stringent security requirements.

What You Will Learn

  • What is a microservice in practice
  • the main types of services and technologies involved in creating and running microservices?
  • Strategies to provide authentication and authorization to microservices
  • What tools and practices should be used in CI/CD pipelines to check for vulnerabilities in your code base
  • docker images
  • and libraries?
  • Types of tools that can be used to help detect
  • resist
  • react to
  • and recover from attacks. These types of tools include service mesh
  • API gateway
  • application monitoring
  • and log consolidation.
  • Good practices to configure security for microservices in a Kubernetes cluster.

Program Curriculum

  • Course Introduction and Basic Service-related Concepts
  • Defining Microservice, Microservices in Practice
  • Benefits and Challenges of Microservices
  • Main Types of Microservices
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • Microservice Security Challenges and How to Address Them
  • Security of Data Communication for REST Services
  • Additional Mechanisms to Protect Data Communication
  • API Gateway
  • Service Mesh
  • Chapter 2 Quiz

  • Core Concepts Related to Authentication
  • Core Concepts Related to Authorization
  • The JWT Standard
  • OAuth 2.0
  • Open ID Connect
  • Authentication and Authorization for REST Services with JWT
  • Authentication and Authorization for Asynchronous Services
  • Chapter 3 Quiz

  • Security in the Software Lifecycle
  • Awareness of Application Security
  • Analyzing the Application Code
  • Dependency Analysis
  • Docker Image Scanning
  • Infrastructure as Code Security
  • Secrets Management
  • Chapter 4 Quiz

  • Security Tools in a Microservice Runtime Infrastructure
  • Monitoring
  • Log Consolidation
  • Error Tracking and Distributed Tracing
  • Chapter 5 Quiz

  • Course Takeaways
  • Thank You and Contact Information
Load more modules

Instructor

Paulo Merson

Paulo Merson has been programming in the small and programming in the large for over 30 years. He's a dev at the Brazilian Federal Court of Accounts, adjunct faculty in the Masters of Software Engineering program at Carnegie Mellon University, and faculty in the University of Brasilia master's program in Applied Computing. He often delivers professional training to fellow devs in the US and Europe. His speaking experience also includes talks at DDD Europe, OOP, XP Agile, JavaOne, SPLASH/OOPSLA, SATURN, and lectures to grad students in different universities. Paulo holds a BSc in CS from the University of Brasilia and a Master of Software Engineering from Carnegie Mellon University.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Fastest Way to Level Up Your Cybersecurity Skills

Invest in your future with flexible subscription plans that give you access to the world’s largest online cybersecurity course library. Whether you're exploring cybersecurity courses for beginners or advancing your expertise,
access in-demand courses, practical labs, and CTF challenges designed to support continuous learning.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Build your cybersecurity skills with 900+ bite-sized courses and curated learning paths designed for continuous learning.

$ 69.00
Billed monthly or $599.00 billed annually
Get Started Now
Start your 7-day trial for $1

What is included

  • 880+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Develop real-world cybersecurity skills through hands-on labs and CTF challenges designed for practical learning.

$ 79.00
Billed monthly or $699.00 billed annually
Get Started Now
Start your 7-day trial for $1

Everything in Pro, Plus:

  • 1600+ Hands-on lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Hands-on Labs and Challenges added every month

Related Courses

  • Bootstrap 4 Quick Website Bootstrap Components Course
    Short Course

    Bootstrap 4 Quick Website Bootstrap Components Course

    Software Development

    Explore the basics of Bootstrap and learn to create a website...

    $49.99

    Beginner

    1 hr 30 m

  • CCNA - Understanding Routers and Switches
    Short Course

    CCNA - Understanding Routers and Switches

    Security Architecture and Operations

    A comprehensive guide to understanding the in-depth functioni...

    $49.99

    Intermediate

    2 hr 0 m

  • The Complete Full-Stack JavaScript Course
    Short Course

    The Complete Full-Stack JavaScript Course

    Software Development

    Learn full-stack web development using JavaScript (ReactJS, N...

    $79.99

    Beginner

    24 hr 17 m

  • React.JS for Ecommerce: Building a Store with React.JS
    Short Course

    React.JS for Ecommerce: Building a Store with React.JS

    DevSecOps

    From React.js Fundamentals to Crafting an Online Storefront

    $49.99

    Advanced

    3 hr 30 m

  • CISSP Certification Domains 5, 6, 7, and 8 Video Training
    Short Course

    CISSP Certification Domains 5, 6, 7, and 8 Video Training

    Cybersecurity

    This course is ideal for individuals who desire to pass the I...

    $69.99

    Intermediate

    6 hr 30 m

  • Helm 3 - Package Manager for Kubernetes
    Short Course

    Helm 3 - Package Manager for Kubernetes

    Software Development

    A must tool for every DevOps engineer

    $49.99

    Intermediate

    1 hr 27 m

  • Learn Ethical Hacking by Hacking Real Websites Legally
    Short Course

    Learn Ethical Hacking by Hacking Real Websites Legally

    Vulnerability Assessment and Pentesting

    Fun way to learn ethical hacking by playing online hacking ga...

    $69.99

    Beginner

    4 hr 18 m

  • Mastering Ansible Playbooks: Debugging and Security
    Short Course

    Mastering Ansible Playbooks: Debugging and Security

    Software Development

    Securing and Automating Linux and Windows Systems with Advanc...

    $99.99

    Advanced

    5 hr 34 m

1 50
View all