Security is one of the most important cross-cutting concerns for web applications. Unfortunately, data breaches of well-known sites seem common news these days. Taking this into account, information and application security has become critical to web applications. For the same reason, secure applications now should not be an afterthought. Security is everyone's responsibility in an organization.
Monolithic applications have less surface area when compared to microservices. However, microservices are distributed systems by nature. Also, in principle, microservices are isolated from each other. Hence, well-implemented microservices are more secure, compared to monolithic applications. Monolith has different attack vectors compared to microservices. The microservice architectural style forces us to think differently in the context of security. However, let me tell you upfront, microservice security is a complex domain to understand and implement.
Before we deep dive into...