Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, June 30 • 15:00 - 15:45
Building secure cloud-native applications with spring boot and spring security

Sign up or log in to save this to your schedule and see who's attending!

In this talk Andreas will present how to build a secure cloud-native application using spring boot and spring security.
After a quick introduction the session starts with a live coding demo building a completely new web application already having a solid base level of security (including authentication, authorization, csrf protection and security headers) in just minutes.

Throughout this talk you will learn step-by-step how to 

- implement integration tests to verify both web- and method-layer authorization
- easily add ssl transport security already at development stage
- break up the application in "cloud-native" microservices using Rest calls 
secured by OAuth2
- extend the application with runtime application self protection (RASP) using 
the OWASP AppSensor

All steps will also be accompanied by short demos.

Based on a daily work experience of developing enterprise ready applications, best practices to integrate security in the agile development process will be presented as well.

Speakers
avatar for Andreas Falk

Andreas Falk

Managing Consultant, NovaTec Consulting GmbH
Andreas Falk (@andifalk, @agile_security) has more than twenty years of experience in development of enterprise IT projects. Currently he is working for NovaTec Consulting GmbH (located in Stuttgart, Germany) as a Managing Consultant. Since then he has been around in several projects in different roles as a consultant, architect, scrum master, coach, developer and tester. His focus is on agile development with Java EE and Spring, application... Read More →


Thursday June 30, 2016 15:00 - 15:45
Room B (Tiziano Ballroom Sec. 1)