It’s been clear for some time now that perimeter-based network security is not sufficient to secure your application. Large enterprises have moved to a zero-trust model, where security is based on identity rather than network location and traffic is encrypted every time it touches the network. But the challenges of operating such a system can be overwhelming. How do you manage secure secret rotation at scale for every instance of every client and service? How do you mitigate replay attacks, and authorize access to services based not only on service identity but on end-user identity as well?
This talk will explore how Istio was designed from the ground up to make cutting-edge, zero-trust architectures accessible to everyone.