Securing Cloud Native Communication, From End-User to Service

Daniel Bryant, Product Architect, Datawire, and Nic Jackson, Developer Advocate, HashiCorp. July 23, 2019

Everyone building or operating cloud native applications must understand the fundamentals of security and modern threat models. Although this topic is vast, in this talk Daniel and Nic will focus on securing end-to-end (user-to-service) communication, and also explore how the combination of an edge proxy and service mesh using TLS and mTLS can be used to mitigate many person-in-the-middle attacks.

Key takeaways include:
– Understand the different characteristics of north-south and east-west traffic, and how the control plane needs to be optimised for each use case
– Understand why service mesh is in a unique place to enforce security features like mTLS, service identity, and traffic policies
– Learn how to ensure that there are no exploitable “gaps” within the end-to-end communication path
– See brief demonstrations of key principles using the open source Ambassador API gateway and Consul service mesh
