Announcing TEG 1.2—Enterprise support and FedRAMP-ready FIPS builds for Envoy Gateway 1.2

Learn more › close
Tetrate Enterprise ready service mesh
Get Demo
Pricing

Frequently Asked Questions

Service Mesh Solutions

What Is a Kubernetes Ingress Controller

How Kubernetes Ingress Works

What Is Kubernetes Ingress Used For?

What Is a CVE (Common Vulnerability and Exposure)?

What Are the Benefits of CVES?

How Does Tetrate Fix Cves?

What Is CVSS?

What Are the Limitations of CVE?

What’s the Difference Between Tetrate Products and Istio?

What Is the Difference Between CVE and CVSS?

What Is a Cybersecurity Vulnerability?

What Is a Cybersecurity Exposure?

What Is Sidecarless?

Istio Ambient Mode vs. Ambient Mesh

What Is Cisa’s Zero Trust Maturity Model (ZTMM)?

What Are the Five Pillars of Cisa’s Zero Trust Maturity Model (ZTMM)?

 What is CISA’s Zero Trust Maturity Model (ZTMM)

What are the five pillars of CISA’s Zero Trust Maturity Model (ZTMM)?

What Are the Pillars of Forrester’s Zero Trust Model?

What Is Threat Modeling?

What Is a Software-Defined-Perimeter (SDP) with Zero Trust?

Why Is Application Security Important?

What Is Kubernetes Security?

What is Ambient Mesh?

What Is Zero Trust Architecture (ZTA)?

What Is Tetrate Service Express (TSE)?

Does Tetrate Service Express (TSE) Integrate with Amazon Eks?

Do Tetrate Products Support Multiple Cloud Deployments?

Are Tetrate Products Open Source?

Do Tetrate Products Support Non-kubernetes Workloads?

Why Do I Need Tetrate in Addition to Open Source Istio?

Do Tetrate Products Run in the Cloud and on Premises?

Why Do I Need Multitenancy in a Service Mesh?

How Do I Protect Production from Unauthorized Access in a Dynamic Compute Environment like Kubernetes?

How Can I Implement Mtls Across My Entire Infrastructure, Including Between Kubernetes and Vms?

Will Tetrate Service Bridge Work with My Existing Public Key Infrastructure?

How Do I Ensure and Prove Consistent Application of Authorization Policy Across All of My Deployments?

How Does Tetrate Service Bridge Transparently Shift Traffic to Public Cloud Services from My On-Premises, Self-Managed Infrastructure?

How Does Tetrate Service Bridge Help Optimize Locality and Minimize Egress?

How Can I Safely Roll Out My Microservices Implementation and Roll Back to the VM Implementation if It’s Not Working?

How Can I Mitigate the Damage of Infrastructure Outages by Giving My Developers Tools to Failover and Build Ha Applications?

How Does Tetrate Service Bridge Help Me Keep My Service Mesh up to Date Without Causing Outages?

How Do I Enable My Developers to Build Reliable Applications Using Mesh Primitives?

What Is the Difference Between Tetrate Service Bridge and Tetrate Service Express?

What Is an API?

What Does Kubernetes Do?

What Does “Proxied” Mean?

What Is ProxyPass?

What Is a Gateway in Microservices?

What Is ABAC?

What Does a Service Mesh Do?

What Is Istio?

What is Envoy Proxy?

What Are the Core Principles of the Zero Trust Model?

What Are the Benefits of Choosing a Zero Trust Architecture?

What Are the Limitations of CVE?

CVE is not meant to be a vulnerability database, so (by design) it does not contain some of the information needed to run a comprehensive vulnerability management program. In addition to the CVE identifier, the CVE entry includes only a brief description of the security vulnerability, and references to more information about the CVE, such as vendor advisories.

Additional information on each CVE can be found directly on vendor websites, as well as in the NIST National Vulnerability Database (NVD). The NVD provides CVSS Based Scores, fix information, and other important details often needed by information security teams that want to mitigate the vulnerability or assess its overall priority.

Additionally, CVE represents vulnerabilities in unpatched software only. While traditional vulnerability management programs viewed unpatched software as the primary issue for resolution, modern, risk-based approaches to vulnerability management recognize that there are many types of “vulnerabilities” introducing risk to an organization, all of which need to be identified and mitigated. Many of these do not fit the definition of a CVE and cannot be found in the CVE security list.