As a developer you maybe ask yourself: "How to get started to secure my Cloud Native Java application " In this session we focus on how to get started with application security from two perspectives: - Authentication and authorization implementation - Platform security that includes following topics: - How to implement authorization and authentication with the Open Source Identity and Access Management system Keycloak and JSON Web Tokens (JWT) - How to secure external access to a Kubernetes cluster with TLS - How to secure communication between Microservices with Istio and mTLS The content is based on the example application from the OpenSource Github project #CloudNativeStarter, built with Quarkus and Microprofile.