Secure infrastructure has never been more crucial to organizations working at high speed and large scale, and those working with the most sensitive data, from financial institutions to the Department of Defense, have found service mesh architecture to be critical to the enforcement of “zero trust.” Join us for a day to dive into the foundational security approaches for multi-cloud environments!

DevSecOps and Zero Trust Architecture (ZTA) facilitate rapid and secure app development, promote interoperability, and mitigate threats in a perimeter less environment. The focus of this conference will be on the delivery of these capabilities through the use of a service mesh architecture.

A service mesh is an approach that decouples operations from development by addressing networking, security, and observability issues across applications with an independent networking layer, or a “mesh” that manages communications between services. A mesh can consistently provide such features as mutual TLS, secure service discovery, security monitoring, end-to-end encryption, network resilience, authentication, and access control at the client, service, and data level.

The program will feature presentations by national leaders and experts on service mesh architecture, DevSecOps, and ZTA deployment, and adopters demonstrating proof-of-concept use cases in multi-cloud environments.

Speakers include:

• Nicolas Chaillan (U.S. Air Force & Co-Lead of the DoD Enterprise DevSecOps Initiative)
• André Mendes (Acting CIO, DoC)
• Sorin Nastea (FDA)
• Kevin Paige (CISO, Flexport)
• Zulfikar Ramzan (CTO, RSA)
• Andrew Weiss (UMBC);
• James Younger (DHS)
• Varun Talwar (keynote), Adam Zwickey, Ignasi Barrera, and Zack Butcher (Tetrate)
• Dr. Ron Ross, Ramaswamy Chandramouli, and Joshua Roberts (NIST)

The event will cover the benefits and vision of DevSecOps; the past, present, and future of ZTA; guidelines for deploying a service mesh for securing microservices-based application systems, and an ask-the-expert panel of experts and end users. Attendees will learn about mitigating insider threat and “man in the middle” attacks; eliminating tight coupling between code implementing application logic and application services using service proxies, and supporting agile Authority to Operate (ATO).

Tetrate and NIST previously co-hosted a conference last year on identity management and access control for multi-cloud environments. Zack Butcher and Ramaswamy Chandramouli are the co-authors of the NIST special publication “Building Secure Microservices-based Applications Using Service-Mesh Architecture.” Tetrate has also partnered with NIST to implement David Ferraiolo’s groundbreaking access control approach, NGAC, on top of the open-source service mesh, Istio. Ignasi Barrera and Joshua Roberts will present a demo of the implementation.

This conference will be broadly relevant to people who need to ensure secure development and delivery in increasingly complex deployment environments: DevOps Team Leads, Security professionals, Agile practitioners, Developers, Product innovation Managers, Pentesters, DevSecOps Team Leads, Head of Platforms, Sysadmins, Cloud Security Strategists, Architects, Engineers, Analysts, CTOs, CISOs, IT Managers, Consultants, Directors, Application Security Experts, etc. Familiarity with service mesh architecture is not require.

View Event Website:
https://www.nist.gov/news-events/events/2021/01/devsecops-and-zero-trust-architecture-zta-multi-cloud-environments

About Tetrate:

Tetrate is a service mesh company offering a management API that allows companies to centralize and tame their complex, disparate systems. With a compute-agnostic, zero-trust fabric that stretches to workloads wherever they are, enterprises can consistently observe, connect, and secure their applications running in any environment. Users get an application-aware network, mapped to the needs of their organization, so they can modernize applications quickly and safely and progressively migrate from legacy infrastructure to the cloud.