Explore a comprehensive overview of securing modern API and microservice-based applications in this 45-minute conference talk from LASCON 2019. Gain a high-level understanding of contemporary API and microservices architectures, learn about key security concerns, and discover best practices for securing microservices and their APIs. Benefit from the speaker's extensive experience in building security architecture patterns and solutions for a major global financial institution, and acquire actionable architectural insights. Delve into topics such as monolithic vs. microservice applications, service-oriented architecture, API gateways, security benefits, user-level security context, end-to-end trust, service-level mutual authentication, token exchange, authorization, rate limiting, and group policy.