Securing Microservices

2 Day Workshop

A hands-on workshop exploring techniques to secure microservices and docker


Microservices are all the rage at the moment, but knowledge about how to make secure microservices isn't that widely shared. The hardest part for engineers is cutting through the theory and putting their new knowledge into practice.

In this new two day workshop, I partner with and Adrian Mouat, author of Using Docker and Chief Scientist at Container Solutions, to take participants from theory to practice. We'll answer questions about the different pressures that drive how you use microservices, and help you fold in security thinking to the evolution of your architecture. Along the way, participants will take a look at how domain driven design drives microservices and how to hack and then secure a vulnerable microservice architecture.

This workshop will cover

  • What makes a good microservice.
  • How to use concepts from domain driven design to define service boundaries.
  • How to plan and manage a migration from a monolith to the microservice architecture. Understanding how technical choices can impact the architecture itself.
  • How to help prevent and detect malicious attack. How to respond to a security incident, and recover afterwards.
  • Specific challenges with security in distributed systems, including managing secrets, authorisation and authentication, and transport security.


This course works at the intersection of design and application security. It is ideal for developers and operations engineers who are considering moving to microservices, or are already on the path. Those involved in technical leadership positions like tech leads and architects would benefit tremendously from this course and the materials provided

Attendee Requirements

No prior knowledge of microservices, distributed systems, Docker or application security is required, but may be helpful.

Attendees will need to bring their own laptop with an SSH client installed.

Find More Talks