Tetrate and Federal Agency NIST Cohost ZTA and DevSecOps Conference 2022 Kicking Off With Istio and Envoy Training. Experts from leading security and tech organizations gather for third annual Zero Trust Architecture and DevSecOps for Cloud Native Applications conference
The virtual conference will take place on January 27 from 8:00 a.m. – 5:00 p.m. EST and will be preceded by a 2.5-hour training on January 26, showcasing the implementation of Zero Trust Architecture on an actual Platform One deployment. This year’s conference will focus on DevSecOps and ZTA as foundational approaches to developing, deploying, and operating high assurance, cloud native applications. Featured speakers include: André Mendes, Department of Commerce CIO; Kelsey Hightower, Principal Engineer Google Cloud; Ronald Ross, NIST Fellow; and Zack Butcher, Tetrate Founding Engineer. The conference has seen tremendous growth in attendance over the past three years. Past speakers have included Nicolas Chalain, the U.S. Air Force’s first Chief Software Officer, and Zulfikar Ramzan, CTO of RSA Security.
“Cybersecurity incidents are one of the biggest issues facing organizations today, especially as the world moves towards cloud-native applications,” said David Ferraiolo of NIST. “Developing, deploying, and operating zero-trust enabled applications to achieve security, reliability, and resiliency is extremely important for organizations to feel secure.”
“Over the last three years, the NIST–Tetrate conference has featured dialogues and workshops from the world’s most esteemed service mesh and cybersecurity experts," said Varun Talwar, co-founder of Tetrate. "The growth in popularity of the conference is a testament to the importance of ZTA and DevSecOps in a multi-cloud environment. This year, again, we're thrilled to gather together and offer our global community valuable insights and perspectives from top visionaries."
Cloud-native applications often consist of microservices deployed across a combination of public cloud, private cloud, and on-prem, also known as heterogeneous infrastructure. This has created challenges related to connectivity, security, and reliability for delivering high-assurance applications, leading to the popularity of DevSecOps and ZTA. Service mesh plays a critical role in incorporating zero-trust design and DevSecOps principles by adding security and reliability to connect microservices across infrastructures without any additional code.
The conference will feature presentations by domain experts, practitioners, and thought leaders in DevSecOps and Zero Trust Architecture (ZTA) deployments, as well as demonstrations of proof-of-concept use cases in multi-cloud environments. Presentations will address the following:
- ZTA guiding principles and approaches for workflow, system design, and operations through DevSecOps pipelines, authentication and authorization frameworks, and continuous monitoring;
- NIST’s latest guidance on DevSecOps and security engineering practices;
- The role of automation in operational security;
- The benefits of prescribed approaches, such as prevention of configuration drift and continuous authority to operate.
In addition to a lineup of notable speakers, the training on January 26 will help deliver an educational experience where attendees will learn new skills and cover the deployment of a zero-trust platform with the use of Istio, Kubernetes, and other tools to implement the following security components:
- in-app and user-level security permissions,
- encryption in transit,
- enhanced identity and access controls, and
- runtime observability.
Tetrate also provides free passes, on request, to application security professionals who need the $35 fee waived.
Join the virtual event: Registration page
- Join and follow the conversation with hashtag #ZTACon2022 #DevSecOps
- Twitter: @tetrateio
- LinkedIn: Tetrate
- YouTube: Tetrate
For more information regarding ZTA and DevSecOps Conference 2022, an entirely virtual experience taking place this week, please visit: https://www.tetrate.io/zta-devsecops-conference-2022.
About Tetrate–NIST Collaboration
Tetrate and NIST have collaborated over the last three years across multiple deliverables. Using NIST’s experience with cybersecurity and Tetrate’s expertise on secure service mesh, they have collaborated to produce U.S. security standards for a distributed architecture:
- (SP 800-204A) Building Secure Microservices-based Applications Using Service-Mesh Architecture,
- (SP 800-204B) Attribute-based Access Control for Microservices-based Applications using a Service Mesh,
- (SP 800-204C) Implementation of DevSecOps for a Microservices-based Application with Service Mesh, and
- Implementation of Next Generation Access Control (NGAC), a superior authorization framework that’s more fine-grained than role-based access control (RBAC) and attribute-based access control (ABAC), in Tetrate’s products.
Started by Istio founders to reimagine application networking, Tetrate is an enterprise service mesh company managing the complexity of modern, hybrid cloud application infrastructure. Customers get consistent, baked-in observability, runtime security, and traffic management in any environment. Its flagship product, Tetrate Service Bridge, provides an edge-to-workload application connectivity platform to deliver business continuity, agility, and security for enterprises on the journey from traditional monoliths to the cloud. Tetrate remains a top contributor to the open-source projects Istio and Envoy Proxy. Find out more at www.tetrate.io.
The National Institute of Standards and Technology (NIST) was founded by the U.S. Congress in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories. From the smart electric power grid and electronic health records to atomic clocks, advanced nanomaterials, and computer chips, innumerable products and services today rely in some way on technology, measurement, and standards provided by NIST.