Systems | Development | Analytics | API | Testing

Zero Trust

Tested Recipe for Optimizing and Securing Your Hybrid Cloud Environments

Enterprises are quickly evolving from a posture that approached the cloud as a kind of playground to one that goes all in to achieve cloud-first, cloud-native IT. With this transition from free-for-all to mature-business-service architecture, usually involving multiple public cloud providers, comes the need to answer some thorny questions. It’s no longer sufficient to endlessly pile on additional cloud services to a growing hybrid or distributed cloud infrastructure.

America's Cybersecurity Mandate: 5 Ways to Adopt Zero-Trust Architecture

President Joe Biden issued an “Executive Order on Improving the Nation’s Cybersecurity” as of May 12, 2021. The order includes numerous actions and mandates to confront the dangers of cyber attacks that are increasing in frequency and sophistication. Cybersecurity has real and significant implications, both in economical and national security terms. At the time of this writing, the Colonial Pipeline cyber attack caused quite a stir on the USA’s east coast.

Using Identity Management To Make Zero-Trust Security a Reality

Large-scale, sophisticated attacks like the SolarWinds cyber intrusion and the Microsoft Exchange Server hack are disturbing, to say the least. These are more than just bad headlines; they reflect fundamental, systemic problems with the security postures in most enterprises. One underreported issue is the continued adherence of organizations to principles that maintain strong perimeter controls to prevent things outside from coming in.

Governing API Management and Connectivity

As organizations adopt an API-first approach, there are many connectivity patterns to consider, and the developer experience needs to be excellent to promote adoption. It can be challenging to enforce API governance while enabling developers to build applications. This session recording covers how an organization can empower developers to use Kong securely, enable access control to the Kong API and Manager, enforce authentication/authorization in applications, and implement a zero-trust security model.

Authorizing Microservice APIs With OPA and Kuma

Many companies are leveraging DevOps, microservices, automation, self-service, cloud and CI/CD pipelines. These megatrends are changing how companies are building and running software. One thing that often slips through the cracks is security. With microservices, there’s an increase in the number of APIs companies have to protect. YouTube An error occurred. Try watching this video on www.youtube.com, or enable JavaScript if it is disabled in your browser.

Implementing Zero-Trust Service Mesh Security

Imagine you’re going through immigration at the airport. The immigration officer says, “I don’t need your passport because I trust that you are who you claim to be.” Wait, what? That would never happen, right? That’s because trust is exploitable. Sooner or later, somebody will try to lie about who they are, and thus a criminal could enter the country. That’s why countries must enforce some form of identity, like a passport, to certify travelers are who they claim.

The Importance of Zero-Trust Security When Making the Microservices Move

Transitioning to microservices has many advantages for teams building large applications that must accelerate the pace of innovation, deployments and time to market. It also provides them the opportunity to secure their applications and services better than they did with monolithic codebases.

How to Achieve Zero-Trust Security With Service Mesh | Kong Summit 2020

Are you an enterprise architect who is currently facing the challenge to secure and observe service connectivity across every cloud and every cluster? Kong Mesh, built on top of CNCF’s Kuma and Envoy, is a universal service mesh tailored to the enterprise architect that must provide modern and secure connectivity to the applications that the teams are building.