Securing cloud-native applications in ephemeral environments is challenging due to dynamic workload identities. To maintain security and fast deployment, automated controls and a zero-trust architecture are crucial. This talk will demonstrate implementing zero trust using mTLS, first manually, then via a service mesh for seamless security without code changes.
Securing cloud-native applications that run in ephemeral execution environments at scale is a challenge: these workloads cannot rely on static identities such as network IPs and must instead use dynamic workload identities.
Meeting the challenge of securing applications while maintaining fast deployment and development cycles requires adopting automated security controls and a secure-by-design architecture, such as zero trust. However, zero trust requires unique entity identities, independent authentication of those identities, and secure communication between entities.
In this talk, we will demonstrate practical approaches to implementing a zero-trust security model. First, we will show a way of manually setting up mutual TLS (mTLS) between applications, defining identity and communication in the application itself. Then, we'll explore how to achieve the same results with no underlying code changes, using a service mesh.