AppSec Europe 2016 has ended
Back To Schedule
Thursday, June 30 • 15:00 - 15:45
Building secure cloud-native applications with spring boot and spring security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

In this talk Andreas will present how to build a secure cloud-native application using spring boot and spring security.
After a quick introduction the session starts with a live coding demo building a completely new web application already having a solid base level of security (including authentication, authorization, csrf protection and security headers) in just minutes.

Throughout this talk you will learn step-by-step how to 

- implement integration tests to verify both web- and method-layer authorization
- easily add ssl transport security already at development stage
- break up the application in "cloud-native" microservices using Rest calls 
secured by OAuth2
- extend the application with runtime application self protection (RASP) using 
the OWASP AppSensor

All steps will also be accompanied by short demos.

Based on a daily work experience of developing enterprise ready applications, best practices to integrate security in the agile development process will be presented as well.

avatar for Andreas Falk

Andreas Falk

Lead of Agile Security, Novatec Consulting
Andreas Falk has been working in enterprise application development projects for more than twenty years. Currently, he is working as a managing consultant for Novatec Consulting, located in Germany. In various projects, he has since been around as an architect, coach, and developer... Read More →

Thursday June 30, 2016 15:00 - 15:45 CEST
Room B (Tiziano Ballroom Sec. 1)