From the course: Microservices: Security
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
MTLS
- [Instructor] Identity plays an important role in digital security and microservices are not an exception. Some microservice security schemes choose to simply trust the network after a request has passed a certain point in the architecture. Services within a certain segment of the network are simply permitted to call each other without any scrutiny of the request or identification of the calling party. This breaks the important concept of defense in depth and creates a major vulnerability if an attacker breaches the network because they now have unimpeded access to the microservices in a deployment. Large segments of the network shouldn't be established as trust boundaries. Instead, the trust boundary should be the microservice itself. The microservice should not trust any external information or parties by default. Instead, the microservice should verify the identity of any calling party and the integrity of the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.