Tetrate Chosen by United States Air Force to Speed Delivery of Secure and Compliant Software Applications in $1.75M Contract

Tetrate Istio Subscription provides application networking and security based on open source Istio and Envoy – services essential for NIST Zero Trust security standard

SAN FRANCISCO—May 16, 2023—Tetrate, the provider of the world’s leading application networking and security platform, today announced the renewal of its contract with the United States Air Force (USAF). The total annual contract value exceeds $1.7 million for services and support. Tetrate supports USAF “Platform One” with application networking and security services with Tetrate Istio Subscription (TIS), a product based on open source Istio service mesh and Envoy proxy, services essential for implementing a Zero Trust security model.

“The Department of Defense has completely transformed its Kubernetes and DevSecOps capabilities over the last several years. Service Mesh technologies represent the next phase of platform capabilities most in need of investment for Defense systems,” said Robert Slaughter, CEO, Defense Unicorns. “Service mesh solutions, specifically for tactical edge systems, will be incredibly challenging to master, but will have lasting mission impact across almost every weapon system.”

Platform One is a software development platform used by the USAF to build secure and compliant software applications. It is a cloud-based platform that provides a common set of tools, processes and security controls for software development across the USAF. The goal of Platform One is to enable faster and more efficient software development while ensuring security and compliance with regulations and policies. The platform includes tools for continuous integration and deployment, containerization, and automated testing, among other features. It is used by various USAF organizations, including the Air Force Life Cycle Management Center (AFLCMC) and the Air Force Space Command (AFSPC).

As a response to the increasing number of high profile security breaches, the Biden administration issued Executive Order 14028 mandating U.S. Federal Agencies, such as USAF, adhere to NIST 800-207 as a required step for Zero Trust implementation. With this mandate, the federal government is signaling that Zero Trust is essential to combating today’s cybersecurity challenges. Recently, NIST SP 800-207A (SP 207A), the next installment of Zero Trust guidance from the National Institute of Standards and Technology (NIST), was released for public review. It provides guidance in designing a Zero Trust architecture (ZTA) for cloud-native application platforms (microservices with a service mesh infrastructure) in the context of an enterprise environment where applications are hosted in multi-cluster and multi-cloud deployments. SP 207-A is co-authored by Tetrate founding engineer Zack Butcher.

“Tetrate is honored to be chosen once again by the U.S. Air Force to continue contributing to the security of Platform One,” said Branden Wood, federal director at Tetrate. “Beyond helping maintain their Istio security posture, Tetrate has been maintaining Authservice—used to implement Single Sign-On (SSO) without application changes—for several DoD environments as part of our work with Platform One, and as this technology is aging, we will be working with Platform One to migrate SSO capabilities to Envoy using OpenID Connect (OIDC) authorization protocol. We also assist Platform One with FedRAMP Moderate compliance by securing east-west traffic with secure naming, mutual transport layer security (TLS) that meets FIPS 140-2 requirements, sidecar proxies and key management.”

NIST Conference on Zero Trust May 25

The fourth annual conference on Zero Trust architecture (ZTA) and high assurance for cloud-native applications — hosted by Tetrate in partnership with the U.S. National Institute of Standards and Technology (NIST) and the Department of Commerce — is an event for cybersecurity professionals, policy makers, entrepreneurs and students. The conference will take place Thursday, May 25 and will include a free, three-hour service mesh workshop on Wednesday, May 24. The conference will be held at Herbert C. Hoover Federal Building in Washington, DC, is open to the public and will be streamed live. This year’s conference will focus on delivering ZTA through application-tier and network-tier policies in a high assurance service mesh operating environment. Watch now.

About Tetrate

Rooted in open source, Tetrate was founded to solve the application networking and security challenges created by modern computing so enterprises can innovate with speed and safety in hybrid and multi-cloud environments. As applications evolve into collections of decentralized microservices, monitoring and managing the network communications and security among those myriad services becomes challenging. This is why some of the largest financial institutions, governments and other enterprises rely on Tetrate to deliver modern application networking and security. Find out more at www.tetrate.io.

MEDIA CONTACT:
Robert Cathey
Cathey.co for Tetrate
+1 865-386-6118