Save Your Services from Sneaky Snoops With SPIFFE
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Discover how to enhance service security using SPIFFE and SPIRE in this 28-minute conference talk. Learn about the hidden threat of hardcoded credentials in cloud native projects and explore a solution that eliminates an entire class of security vulnerabilities. Delve into the CNCF's SPIFFE and SPIRE projects, understanding how they enable secure authentication for workloads like PostgreSQL, MongoDB, and AWS without relying on hardcoded credentials. Gain insights into service identity, perimeter security, and the SPIFFE standard. Explore real-world implementations, address common questions, and learn about available plugins. Discover which organizations are already leveraging this technology to improve their DevSecOps practices.
Syllabus
Introduction
Topics
Service Identity
Perimeter Security
SPIFFE
SPIFFE Standard
How SPIFFE Works
SPIFFE in Real Systems
Frequently Asked Questions
Plugins
Whos using it
Questions
Taught by
CNCF [Cloud Native Computing Foundation]