Read the abstract ➤ https://www.conf42.com/Golang_2024_Prabesh_Thapa_optimizing_performance_security Other sessions at this event ➤ https://www.conf42.com/golang2024 Support our mission ➤ https://www.conf42.com/support Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:20 preamble 0:45 whoami 0:59 things we want our api to be 1:19 secure - authentication / authorization 4:26 validate unputs 4:55 log user activity (audit trails) 5:52 use appropriate response 6:37 password management 8:16 use config file vs env vars 9:31 mask sensitive data 10:04 implement rate limiting 12:01 secure communication 12:33 patch your dependencies 13:06 fast - use optimized database queries 14:24 implement caching 15:24 pagination 16:24 break into smaller service 17:26 robust 17:36 fail early fail fast 18:31 use appropriate status code 19:52 don't just check errors, handle them gracefully 20:58 context passing 22:32 acid compliance 23:48 context passing 23:52 use structured logs 24:19 implement health checks 25:33 handle retries gracefully 27:04 expose metrics 27:53 version for maintainability 28:38 conclusion 28:58 thank you