Andreas is an expert in Identity & Access Management and a proponent of the serverless methodology.
Because getting to a shared understanding with the business is more important than technical solutions, he’s into approaches like Domain-Driven Design and Collaborative Modeling.
He’s from the community for the community and organizes several meetup groups in Berlin like @DDDBER, @fullstack_JS and @ServerlessBER.
Serverless Auth and Secrets Management
For your business it is more important than ever to protect applications, services and customer data from attackers. If you want to stay competitive, knowing how to efficiently and easily apply security and auth while being aware of the most common pitfalls is key in today’s serverless world.
Traditional machine-to-machine auth approaches where you can rely on a statefull environment fall short in a modern serverless and thus stateless world. With this talk you’ll make an important step towards public-cloud-readiness and a future-proof “Zero Trust” architecture. After a short recap of some auth fundamentals, you’ll learn how to efficiently apply authentication to each, AWS cloud & Azure cloud, using the managed Identity Provider Auth0, OAuth 2, JsonWebToken (JWT) and a serverless secrets management system.
Securing Serverless Apps, APIs & Microservices
When moving to the cloud, even big enterprises make mistakes by not having the needed security in place. This can lead to severe security breaches and loss of your customers’ data. Don’t let that happen to you!
You will learn how to apply current security best practices and you’ll make an important step towards public-cloud-readiness and a future-proof “Zero Trust” architecture.
After the workshop you’ll have created a production-ready, secure and GDPR-compliant setup that you can easily build upon and extend.
For that we’ll use the Identity Provider Auth0, Azure Functions and the secrets management system Azure Key Vault.