Save Your Services from Sneaky Snoops With SPIFFE

Discover how to enhance service security using SPIFFE and SPIRE in this 28-minute conference talk. Learn about the hidden threat of hardcoded credentials in cloud native projects and explore a solution that eliminates an entire class of security vulnerabilities. Delve into the CNCF's SPIFFE and SPIRE projects, understanding how they enable secure authentication for workloads like PostgreSQL, MongoDB, and AWS without relying on hardcoded credentials. Gain insights into service identity, perimeter security, and the SPIFFE standard. Explore real-world implementations, address common questions, and learn about available plugins. Discover which organizations are already leveraging this technology to improve their DevSecOps practices.