Service Mesh Istio
Envoy proxy & GetEnvoy, Istio, Open Source, Security

Istio and Envoy Security Advisories

September 29, 2020 — The Envoy Product Security Team (PST) announced  the availability of a security fix and a series of patches for Envoy versions 1.12,1.13, 1.14 and 1.15 to address two high-risk vulnerabilities related to header values and HTTP URL paths. In response to CVE-2020-25017. Additionally the Istio community recommends users to upgrade to 1.6.11+ for 1.6.x deployments or 1.7.3 or later for 1.7.x deployments.

Read More
Istio, Open Source, Service Mesh

How Istio got its name

Istio is a service mesh that allows organizations to connect, secure and observe microservices. Since its inception three years ago, it’s risen to become one of Google’s most prominent open source projects, a top-three keyword at KubeCon, and a mature, production-ready offering supported by a robust community.

Read More
CVE Fixes, Envoy proxy & GetEnvoy, Security

Envoy and Istio security releases – June 2020

Istio and the Envoy proxy security team have announced releases that address HIGH severity CVE-2020-11080, with a CVSS score of 7.5.

The identified vulnerability relates to excessive CPU usage when processing HTTP/2 SETTINGS frames that would cause denial of service. A malicious attacker might repeatedly construct a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries), causing the CPU to spike at 100%.

To address the vulnerability, we encourage Envoy users to upgrade to Envoy proxy 1.12.4, 1.13.2 or 1.14.2. You can get the latest release from GetEnvoy.

Istio users should update to 1.5.5 or later for 1.5.x deployments and 1.6.2 or later for 1.6.x deployments.

Read More
Service Mesh Istio
Istio, Open Source

Istio’s rise to maturity

A crowd of 12,000 attended KubeCon San Diego this November, looking to the cloud native skies for the IT forecast. Temperature takers couldn’t fail to notice the maturation of service mesh technologies and the rise of Istio, the open source project that has now moved into production and is operating at scale.

Read More
Identity Management and Access Control in Multi-Cloud
Security

Announcement of NIST & Tetrate co-hosted conference: “Identity Management and Access Control in Multi-Cloud”

Registration is open!

Join NIST and Tetrate.io this January 2020 for an interactive conference, “Identity Management and Access Control in Multi-Cloud,” to be held at NIST headquarters in Gaithersburg, MD. We’ll be navigating the future of Zero Trust in multi-cloud environments through the strategic integration of identity management, access control, and service mesh architecture.

Read More
KubeCon and CloudNativeCon
Case studies, Envoy proxy & GetEnvoy, Events, Istio, Open Source, Tetrate

Tetrate highlights from KubeCon San Diego: Istio, Envoy, and a brownfield to greenfield use case

Going to KubeCon San Diego? Visit us at Booth SE65.

KubeCon is just 2 weeks away, and Tetrate is excited to be sending our engineers, including top Istio and Envoy contributors. Look for the newly released Istio roadmap, Istio Up and Running, by Lee Calcote and our own Zack Butcher. And stop by and ask us anything about bridging legacy with cloud native.

Read More