mTLS Traffic Encryption
Istio, mTLS, Service Mesh, Zero Trust

How Istio’s mTLS Traffic Encryption Works as Part of a Zero Trust Security Posture

The Istio service mesh offers cloud native deployments a standard way to implement automatic mutual transport layer security (mTLS). This reduces the attack surface of network communication by using strong identities to establish encrypted channels between workloads within the mesh that are both confidential and tamper-resistant. mTLS is a key component for building zero-trust application networks. To understand mTLS traffic encryption in Istio, this article will cover the following:

  • An overview of TLS, mTLS, and TLS termination
  • An introduction to how TLS encryption works in Istio
  • How to use Istio to implement mTLS in Kubernetes
  • A discussion of when you do and don’t need mTLS
mTLS by book
mTLS

mTLS by the Book

In DevSecOps, the reality is that everything is configurable, absolutely everything. A good analogy: imagine a pen that had, instead of one button to retract the ballpoint, a number of knobs and switches (a color adjuster, a pressure switch, an ink density tuning wheel, and so on). Many people would find it difficult to sign their name, because not many of us are ink experts. A similar situation arises when application developers or infrastructure specialists need to become cryptographers to set up mTLS certificates.
