Loading…
AppSec Europe 2016 has ended
View analytic
Thursday, June 30 • 15:00 - 15:45
Building secure cloud-native applications with spring boot and spring security

Sign up or log in to save this to your schedule and see who's attending!

In this talk Andreas will present how to build a secure cloud-native application using spring boot and spring security.
After a quick introduction the session starts with a live coding demo building a completely new web application already having a solid base level of security (including authentication, authorization, csrf protection and security headers) in just minutes.

Throughout this talk you will learn step-by-step how to 

- implement integration tests to verify both web- and method-layer authorization
- easily add ssl transport security already at development stage
- break up the application in "cloud-native" microservices using Rest calls 
secured by OAuth2
- extend the application with runtime application self protection (RASP) using 
the OWASP AppSensor

All steps will also be accompanied by short demos.

Based on a daily work experience of developing enterprise ready applications, best practices to integrate security in the agile development process will be presented as well.

Speakers
avatar for Andreas Falk

Andreas Falk

Managing Consultant, NovaTec Consulting GmbH
Andreas Falk (@andifalk) has been working in enterprise application development projects for more than twenty years. He is working as managing consultant for NovaTec Consulting GmbH in Germany since five years. | In various projects, he has since been around as consultant, architect... Read More →


Thursday June 30, 2016 15:00 - 15:45
Room B (Tiziano Ballroom Sec. 1)