FREE CloudSecNext Summit | Jun 3-4: At this global event, stay informed with what's next in cloud security. Register now!


To attend this webcast, login to your SANS Account or create your Account.

Hardening Microservices Security: Building a Layered Defense Strategy

  • Wednesday, September 21, 2016 at 1:00 PM EDT (2016-09-21 17:00:00 UTC)
  • Matthew Silverlock, David Hoelzer


  • CloudFlare

You can now attend the webcast using your mobile device!



Microservices architecture is forcing developers to not only rethink how they design and develop applications, but also common security assumptions and practices.

With the decomposition of traditional applications, each microservice instance represents a unique network endpoint, creating a distributed attack surface that is no longer limited to a few isolated servers or IP addresses.

In this webinar we will discuss:

  • How microservices differ from SOA or monolithic architectures
  • Best practices for adopting and deploying secure microservices for production use
  • Avoiding continuous delivery of new vulnerabilities
  • Limiting attack vectors on a growing number of API endpoints
  • Protecting Internet-facing services from resource exhaustion

Speaker Bios

David Hoelzer

David Hoelzer is a SANS fellow instructor, courseware author and dean of faculty for the SANS Technology Institute. In addition to bringing the GIAC Security Expert certification to life, he has held practically every IT and security role during his career. David is a research fellow in the Center for Cybermedia Research, the Identity Theft and Financial Fraud Research Operations Center (ITFF/ROC), and the Internet Forensics Lab. Currently, David serves as the principal examiner and director of research for a New York/Las Vegas-based incident response and forensics company and is the chief information security officer for an open source security software solution provider.

Matthew Silverlock

Matt is a Solutions Engineer at CloudFlare, working with customers large-and-small to help secure their websites. He's also an active contributor to a handful of open-source projects that relate to securing REST APIs (and therefore, micro-services) and web services, and making it as easy as possible to do so. Prior to CloudFlare, Matt was a Telecoms Engineer working in the SCADA and radio communications industry."

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.