This year’s Multi-Cloud Conference co-hosted by NIST and Tetrate will focus on DevSecOps and ZTA as foundational approaches to development, deployment, and operational phases for achieving high-assurance cloud-native applications.
The latest generation of cloud-native applications often consists of a collection of microservices that could be distributed and deployed across a heterogeneous infrastructure (on-premises, public cloud, containerized, running on virtual machines, etc). With the proliferation of DevSecOps, a service mesh has proven to provide the desired bridge between infrastructure and microservices to transparently add security, connectivity, observability, and reliability without any additional code. Service mesh plays a critical role in the incorporation of zero trust design principles and in the adoption of the DevSecOps paradigm that are essential to high operational assurances for this class of applications.
This conference will take place on Jan 27, 2022, and will feature presentations by domain experts, practitioners, and thought leaders in DevSecOps and Zero Trust Architecture (ZTA) deployments, as well as demonstrations of proof-of-concept use cases in multi-cloud environments. Presentations will address the following:
- ZTA guiding principles and approaches for workflow, system design, and operations through DevSecOps pipelines, authentication and authorization frameworks, and continuous monitoring
- NIST’s latest guidance on DevSecOps and security engineering practices
- The role of automation in operational security
- The benefits of prescribed approaches, such as prevention of configuration drift and continuous authority to operate
The conference is preceded by a workshop on Jan 26, 2022, that will focus on Envoy and Istio. More details are provided below.
Entrepreneurs, students, and cybersecurity professionals are encouraged to attend!
WORKSHOP: Interactive Training with Envoy and Istio, January 26, 2022, 12:00 - 2:30 p.m. EST
Join a day early for a deep-dive, 2.5-hour training.
In this session, we’ll showcase a real-life deployment implementing Zero Trust Architecture, by deploying and describing the Platform One stack. This training will demonstrate how and why to use these tools to solve the challenges of security, observability, networking, and multi-cloud. We’ll walk through a real Platform One deployment showcasing the use of Istio, Kubernetes, and other tools to build in-app and user-level security permissions, encryption in transit, enhanced identity and access controls, and provide runtime observability required to achieve a zero-trust platform in practice. Throughout, you’ll have experts in the room to answer questions.
Familiarity with Kubernetes, Istio or service mesh, and Platform One will be helpful for attendees.
Topics include:
- Traffic management and resilient communication between services
- Policy enforcement and rate-limiting
- Telemetry, monitoring, and reporting
- Securing communication between microservices
- Canary deployment
- Secure compute and runtime controls with a service mesh
- Cluster management
- Deploying a service mesh across heterogeneous, multi-cloud enterprise environments
TECHNICAL CONTACT:
David Ferraiolo
SSA Group Manager
david.ferraiolo@nist.gov
