Now that we have a robust microservices architecture, the task of covering security vulnerabilities becomes more and more essential. In this chapter, security and vulnerability go hand in hand. We’ll define vulnerability as a weakness or flaw presented in an application. Of course, all systems have vulnerabilities, but the big difference lies in whether these vulnerabilities are exploited and cause harm.
Mentioning security often causes an involuntary groan from developers. Among developers, we hear comments such as, “It’s obtuse, hard to understand, and even harder to debug.” Yet, we won’t find any developer (except for maybe an inexperienced developer) who says that they don’t worry about security. Securing a microservices architecture is a complex and laborious task that involves multiple layers of protection, including these: