Managing network access policies in large-scale Kubernetes environments is a constant challenge. Traditional allow/deny lists become unmanageable as deployments grow, leading to security gaps and operational bottlenecks. Add workload identity management and application-level access policies to the picture, and you get a never-ending puzzle to solve on a daily basis.

But what if you could dynamically generate network and application-level policies, or even Istio authorization policies, by detecting traffic patterns with BPF and directly polling metrics from Envoy, and build an "Intent" custom resource? This would alleviate a lot of the hurdles and allow for healthier, faster growth of your most valuable business applications.

Join Nic in this talk, where he’s going to introduce and demonstrate how Otterize has developed an intent-based operator together with an BPF network mapper operator to make this dream come true! “Wow effect guaranteed”, that’s what the otter said!