The Cloud Security Alliance (CSA) published Microservices Architecture Pattern: A Proposed Architectural Pattern to Engineer Trustworthy Secure Systems. The document describes the critical elements of the Microservices Architecture Pattern (MAP) and how they should be designed and deployed to shift security and compliance left via a continuous compliance-as-code approach.
To conduct research on the security of application containers
The guidance gives application developers and architects and anyone responsible for or interested in application containers and microservices security a repeatable approach to architecting, developing, and deploying MAP.
Anil Karmel, the paper’s co-editor and Application Containers and Microservices Working Group co-chair, said,
“With this document, we are attempting to span the last leg of ‘shift left’ by applying control overlays to the software before the code exits the development environment. To ensure that security is properly embedded from the very beginning of the development process, it’s imperative that teams can debate security and software design simultaneously.”
The Application Containers and Microservices Working Group was established to conduct research on the security of application containers and microservices and publish guidance and best practices for the secure use of application containers and microservices.