Press release

Aporeto Launches New Identity Federation Capabilities for Kubernetes Pods and Istio Service Mesh, Delivering Security as Code to Accelerate DevSecOps

0
Sponsored by Businesswire

Aporeto, a leader in Zero Trust Cloud Security, announced today new Kubernetes security capabilities. With this announcement, Aporeto now offers Identity Federation for Kubernetes pods applicable to any cloud. Users can run their apps on the Kubernetes platform of their choice and let Aporeto’s cloud-delivered security solution provide least privilege access to cloud credentials for their apps, realizing significant time and cost savings while being able to adopt cloud-native services faster.

For enterprise organizations using Istio service mesh to manage their containers, microservices or Kubernetes container orchestration, Aporeto now offers an Envoy plugin that seamlessly extends all Aporeto capabilities into an Istio service mesh environment. Through x509 certificates and OAuth tokens, Aporeto provides consistent identities to all workloads and enables identity federation between a company’s workloads and any third party. With Aporeto, organizations can bring legacy services into Istio without any changes, and any non-Istio service can become a consumer of the service mesh with no code-changes or operational configuration change of the service. Additionally, Aporeto provides extended Berkeley Packet Filter (eBPF) support for better performance.

The company will be demonstrating the new Kubernetes identity federation and Istio enhancements at the KubeCon conference in San Diego, Booth #S42, November 18 – 21. Users can learn how to secure a Kubernetes cluster in under five minutes with no dependency on CNI and no operational overhead of setting-up another tool.

“Most teams that Arctiq works with now have multiple Kubernetes clusters across many environments. While teams today are interested in deploying Istio with every cluster, ensuring a consistent configuration across all clusters is still a difficult task,” said Shea Stewart, partner at Arctiq. “Aporeto provides a centralized control plane of Istio enforcement that ensures all clusters are appropriately configured and offers an opportunity for enterprises to set up some safe guard rails while development teams learn to use the features of Istio.”

“Managing cloud credentials is a big challenge for anyone building cloud-native apps. The recent cloud-native breaches are the result of compromised cloud credentials,” commented Dimitri Stiliadis, CTO and co-founder of Aporeto. “Our customers know that allowing Kubernetes pods to securely consume cloud-managed resources means that there is a high risk of unauthorized access to cloud credentials, and we are here to solve this problem for them.”

About Aporeto

Aporeto, a leader in Zero Trust Cloud Security, provides comprehensive network security through microsegmentation and secure access to infrastructure and resources by using application identity rather than IP addresses. Aporeto protects against attacks and enables complete visualization, simplified proof of compliance, centralized policy management, and accelerated app migration across all workloads including containers, Kubernetes, serverless, service mesh and VM environments. Aporeto future-proofs hybrid cloud infrastructures, and delivers stronger cloud security, agility to accelerate digital transformation, and better ROI for any infrastructure at scale. Learn more at www.aporeto.com or request a free Kubernetes trial at https://www.aporeto.com/trial/.