Virtualization Technology News and Information
Article
RSS
Aporeto Launches New Identity Federation Capabilities for Kubernetes Pods and Istio Service Mesh, Delivering Security as Code to Accelerate DevSecOps
Aporeto, a leader in Zero Trust Cloud Security, announced today new Kubernetes security capabilities. With this announcement, Aporeto now offers Identity Federation for Kubernetes pods applicable to any cloud. Users can run their apps on the Kubernetes platform of their choice and let Aporeto's cloud-delivered security solution provide least privilege access to cloud credentials for their apps, realizing significant time and cost savings while being able to adopt cloud-native services faster. 

For enterprise organizations using Istio service mesh to manage their containers, microservices or Kubernetes container orchestration, Aporeto now offers an Envoy plugin that seamlessly extends all Aporeto capabilities into an Istio service mesh environment. Through x509 certificates and OAuth tokens, Aporeto provides consistent identities to all workloads and enables identity federation between a company's workloads and any third party.  With Aporeto, organizations can bring legacy services into Istio without any changes, and any non-Istio service can become a consumer of the service mesh with no code-changes or operational configuration change of the service. Additionally, Aporeto provides extended Berkeley Packet Filter (eBPF) support for better performance.

The company will be demonstrating the new Kubernetes identity federation and Istio enhancements at the KubeCon conference in San Diego, Booth #S42, November 18 - 21. Users can learn how to secure a Kubernetes cluster in under five minutes with no dependency on CNI and no operational overhead of setting-up another tool. 

"Most teams that Arctiq works with now have multiple Kubernetes clusters across many environments. While teams today are interested in deploying Istio with every cluster, ensuring a consistent configuration across all clusters is still a difficult task,"  said Shea Stewart, partner at Arctiq. "Aporeto provides a centralized control plane of Istio enforcement that ensures all clusters are appropriately configured and offers an opportunity for enterprises to set up some safe guardrails while development teams learn to use the features of Istio."

"Managing cloud credentials is a big challenge for anyone building cloud-native apps. The recent cloud-native breaches are the result of compromised cloud credentials," commented Dimitri Stiliadis, CTO and co-founder of Aporeto. "Our customers know that allowing Kubernetes pods to securely consume cloud-managed resources means that there is a high risk of unauthorized access to cloud credentials, and we are here to solve this problem for them."
Published Monday, November 18, 2019 9:05 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<November 2019>
SuMoTuWeThFrSa
272829303112
3456789
10111213141516
17181920212223
24252627282930
1234567