microservices applications using a service mesh
ABAC, NGAC, Security, Tetrate, Zero Trust

NIST-Tetrate 2021 Conference Talk: ABAC for microservices applications using a service mesh

Access control is fundamental to application security. Modern applications, more than ever, need a flexible access control mechanism that can succinctly express access rules, take into account a large number of objects and dynamic runtime attributes, and be evaluated efficiently at runtime. These rules must also be both intelligible and auditable so the current state of access policy enforcement is knowable and can be easily understood. 

Read More
US govt zta memo
Security, Service Mesh, Zero Trust

The US Government Endorses Zero Trust Architecture for Security

Tetrate is among the leading proponents of zero-trust architectures, helping NIST define the standards, and enabling public and private enterprises to pursue a zero-trust strategy — powered by the service mesh at its core. We’re recognized leaders in this space: we have been the exclusive co-hosts of an annual conference with the National Institute of Standards and Technology (NIST) on this topic for three years so far, and counting, as mentioned below. We’ve recently been recognized by Gartner as a Cool Vendor for Cloud Computing, and we were recognized by IDC as an IDC Innovator 2021. We were also named one of the Top 10 Hottest Cloud Computing Startups of 2021 by CRN. 

Read More
DevSecOps
Announcements, Kubernetes, Security, Service Mesh, Tetrate, Zero Trust

Why You Should Attend the ZTA and DevSecOps Conference with NIST and Tetrate

Tetrate and NIST are hosting their third annual ZTA conference, ZTA and DevSecOps for Cloud Native Applications (virtual), on Wednesday, Jan. 26th (training) and Thursday, Jan. 27th (sessions). The conference provides the most valuable opportunity this year for organizations to gather a practical understanding of how to secure critical infrastructure. You will learn how to put together a ZTA stack for end-user traffic from the ground up.

With the severity of data breaches escalating, including damage to critical US infrastructure, executive orders have been issued, calling for federal agencies to adopt Zero Trust Architecture (ZTA). The DevSecOps approach is seen as essential to achieving high operational assurance for microservices-based applications. But many organizations face challenges in implementation. NIST and Tetrate are presenting the third annual edition of this conference to dive deeply into this new architectural model, which yields enhanced security and other benefits. Their work to date has already yielded ZTA standards for cloud-native applications. 

Read More
Zero Trust network for Microservices
Istio, Kubernetes, NGAC, Security, Tetrate Service Bridge, Zero Trust

Zero Trust Network for Microservices

Today, every major organization is going through a massive digital transformation, adopting cloud, mobile, microservices, and container technologies to deliver services efficiently, meet critical business demands, and catch up with market expectations. Organizations’ Platform and DevOps teams have to model distributed and multi-cloud applications and services accessible from anywhere and anytime to be agile. This has given rise to two significant trends within the organizations:

  1. As a growing number of organizations adopt multi-cloud, they deploy their applications into the public cloud (Google, Amazon, Azure, etc.), which means that the data is out of their perceived safety of on-prem data centers.
  2. Organizations use microservices and distributed architecture to achieve agility and scale. 
Read More
log4j vault
Security, Tetrate, Zero Trust

How Tetrate Service Bridge Protects Log4j Remote Execution

We love open source, but recognize the reality that security can be hard. Recently the Log4j vulnerability (CVE-2021-44228) made everyone realize how wide-spread and severe a security incident can be when it comes to security root causes in the open source. In this blog we will first briefly explain the Log4J CVE as background, then demonstrate how Tetrate Service Bridge can help by providing a built-in Web Application Firewall engine.

Read More
Access
NGAC, Security, Service Mesh, Zero Trust

NGAC Vs RBAC Vs ABAC

Why You Should Choose NGAC as Your Access Control Model

Different companies or software providers have devised countless ways to control user access to functions or resources, such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC). In essence, whatever the type of access control model, three basic elements can be abstracted: user, system/application, and policy.

In this article, we will introduce ABAC, RBAC, and a new access control model — Next Generation Access Control (NGAC) — and compare the similarities and differences between the three, as well as why you should consider NGAC.

Read More