Jetstack, a Kubernetes product and services provider
and Venafi company, announced the launch of Jetstack Secure, its new flagship product which extends
the core value of the highly popular cert-manager open source project.
Jetstack Secure delivers comprehensive protection and
full visibility of machine identities to Cloud Native Platform and Security
teams, including public trusted certificates for ingress TLS, as well as
private certificates for internal workloads using mTLS across a service mesh.
Jetstack Secure comes ready packaged with a web-based
management interface and enterprise-grade support direct from the team behind
the project. The product builds a detailed view of the enterprise security
posture across multiple clusters and clouds, including certificates that have
been manually created by developers, and proactively identifies operational
issues based on cert-manager status and health, as well as X.509 certificate
misconfiguration.
Built to operate in fast-paced, rapidly evolving
Kubernetes and OpenShift environments, Jetstack Secure deploys easily using
Kubernetes resources, including an open source agent, and it is backed by a
reliable and scalable SaaS managed by Jetstack. The full interface can be
set-up to run for free on a single cluster and customers can upgrade for
advanced multi-cluster and alerting capabilities.
Jestack are the original creators of cert-manager; the
company donated the cert-manager project to the Cloud Native Computing
Foundation® (CNCF®) "Sandbox" in
November.
We've seen first-hand from our work with customers
that adopting Cloud Native technologies and modern microservice architecture
very quickly leads to a significant growth of TLS certificates - from ingress
TLS, to intra-service mTLS, Kubernetes webhooks and more," said Matt Bates,
Jetstack CTO and Co-Founder. "As infrastructure scales and clusters accumulate,
a very high level of automation is needed to ensure certificates are consistent
and kept up-to-date. Automating the certificates lifecycle, to keep workloads
protected, is the core value of cert-manager, with open source support for
public issuers using ACME (e.g. Let's Encrypt), as well as private authorities,
such as HashiCorp Vault and Google Certificate Authority Service (CAS)."
Bates continued: "With Jetstack Secure our customers
can see a detailed view of each cluster and an instant visual status of all
workload certificates, including their association with Kubernetes resources.
Crucially, it will identify and help to mitigate issues that can cause
operational or security risk."
For more information, please visit: https://blog.jetstack.io/blog/jetstack-secure