Loading…
In-person
18 April 2023
Learn More

The Sched app allows you to build your schedule, but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2023, and have an All-Access pass in order to participate in the sessions.

The KubeCon + CloudNativeCon Only virtual pass is still available. With this pass you get all the fantastic content you’ve come to expect from KubeCon + CloudNativeCon but from the comfort of your own home!  *Observability Day + CiliumCon will be available via livestream on the virtual platform, all other co-located events recordings will be available 24-72 hours post-event on the CNCF YouTube channel.

Thank you to our CiliumCon livestream sponsor, Isovalent and our Observability Day livestream sponsor, Lightstep! Join the conversation on Cilium Slack.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

To view the full event schedule for a specific CNCF-hosted Co-located event, you can use the right-hand navigation bar to sort and filter.

The schedule is subject to change.
Back To Schedule
Tuesday, April 18 • 13:45 - 14:10
Is Istio Ambient Mesh Secure? - Christian Posta, Solo.io & John Howard, Google

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Service-to-service security is the number one reason why platform engineers leverage a service mesh. When we worked on the initial implementations of Istio Ambient Mesh, a sidecarless data plane for Istio, security was a very top concern: we could not regress or make the mesh less secure from what we already get with a sidecar architecture. When we introduced Istio Ambient mesh back in the fall of 2022, we believe we made the right architecture decisions to preserve the powerful zero-trust properties of an Istio service mesh. In this talk we dig into the security posture of Istio Ambient Mesh sidecarless data plane and understand how we do mTLS, workload identity, and establish good security boundaries between an infrastructure and application world.
Speakers
avatar for Christian Posta

Christian Posta

VP, Global Field CTO, Solo.io
Christian Posta (@christianposta) is VP, Global Field CTO at Solo.io. He is the author of Istio in Action as well as many other books on cloud-native architecture and is well known in the cloud-native community for being a speaker, blogger (https://blog.christianposta.com) and contributor... Read More →
avatar for John Howard

John Howard

Staff Software Engineer, Google
John is a Software Engineer at Google working on Istio, and member of the Istio TOC and Steering committee.

IstioDay 2023 Ambient Mesh Security.pptx pdf
Tuesday April 18, 2023 13:45 - 14:10 CEST
Hall 7, Room D | Ground Floor | Europe Complex
  Istio Day, New Features