Microservice security: a systematic literature review

Davide Berardi, Saverio Giallorenzo, Jacopo Mauro, Andrea Melis, Fabrizio Montesi, Marco Prandini*

*Corresponding author for this work

Research output: Contribution to journalJournal articleResearchpeer-review

330 Downloads (Pure)


Microservices is an emerging paradigm for developing distributed systems. With their widespread adoption, more and more work investigated the relation between microservices and security. Alas, the literature on this subject does not form a well-defined corpus: it is spread over many venues and composed of contributions mainly addressing specific scenarios or needs. In this work, we conduct a systematic review of the field, gathering 290 relevant publications—at the time of writing, the largest curated dataset on the topic. We analyse our dataset along two lines: (a) quantitatively, through publication metadata, which allows us to chart publication outlets, communities, approaches, and tackled issues; (b) qualitatively, through 20 research questions used to provide an aggregated overview of the literature and to spot gaps left open. We summarise our analyses in the conclusion in the form of a call for action to address the main open challenges.

Original languageEnglish
Article numbere779
JournalPeerJ Computer Science
Publication statusPublished - 2022

Bibliographical note

Publisher Copyright:
© 2022 Berardi et al. All Rights Reserved.


  • Authentication
  • Authentication and authorization
  • Emerging Technologies
  • Infrastructure-as-a-service
  • Intrusion detection and prevention
  • Privacy
  • Security and Privacy
  • Service composition
  • Service deployment
  • Service discovery
  • Software development
  • Software Engineering
  • Threat model


Dive into the research topics of 'Microservice security: a systematic literature review'. Together they form a unique fingerprint.

Cite this