We can apply concepts from application architecture (SOA and Microservices) to more effectively build automation into our cybersecurity stacks. Orchestration and Choreography both have important roles to play.
In this post we will implement the Sidecar-on-Sidecar pattern in an Istio Service Mesh to provide application layer security and micro-segmentation.
In this post we’ll configure a Security Sidecar Pattern which will provide application level protection and micro-segmentation within the Kubernetes cluster.
As we begin a new decade I thought it would be cool to see how the tools of the trade for pre-sales Systems Engineers in the network security field have changed and which tools the SE’s SE will need to be proficient with in 2020.
In this post we will take an insecure deployment and implement a Security Service Layer Pattern to block application layer attacks and enforce strict segmentation between services.
In this post we will set the groundwork to deep dive into the Security Service Layer Pattern with a live insecure deployment on Google Kubernetes Engine (GKE). By the end of this post you will be able to bring up an insecure deployment and demonstrate layer 7 attacks and unrestricted access between internal services.
In this multi-part blog series, I will describe some microservice security design patterns to implement micro-segmentation and deep inspection in the interior of your Kubernetes cluster to further secure your microservice applications, not just the cluster. I will also demonstrate the design patterns with working Proof of Concept deployments that you can use as a starting point.