Securing Cloud Native Communication, From End-User to Service

Time: Jul 9 | 3:20 PM - 3:55 PM Location: Gashouder | Westergasfabriek

Session Title

Securing Cloud Native Communication, From End-User to Service

Session Abstract

Everyone building or operating cloud native applications must understand the fundamentals of security issues and modern threat models. Although this topic is vast, in this talk Nic and Daniel will focus on the end-to-end communication and higher-level networking threats, and explore how the combination of an edge proxy and service mesh using TLS and mTLS can be used to mitigate many man-in-the-middle attacks. Key takeaways include: understand the "three pillars" of service mesh functionality - observability, reliability, and security; a service mesh is in a unique place to enforce security features like mTLS; learn how to ensure that there are no exploitable "gaps" within the end-to-end/user-to-service communication path, explore the differences in ingress/mesh control planes, with brief demonstrations using Ambassador and Consul Connect.


HashiConf EU is now sold out, but there are still spots available for product trainings on 8 July. Register for Training Day here!