Sneaking in Network Security

Explore a comprehensive conference talk on implementing strong network segmentation without disrupting existing systems. Learn how to leverage service discovery frameworks to deploy large-scale TLS-based segmentation models that enforce access control while automatically learning authorization rules. Discover techniques for enhancing network security without scheduling downtime or halting development. Gain insights into overcoming the challenges of the "hard-shell, soft-center" network security model and implementing proper internal controls in rapidly growing organizations. Examine a case study of extending SmartStack, an open-source service discovery framework, to protect all communications with mutual TLS and offer both authentication and authorization. Understand how to make this transition transparent to applications, allowing for migration without changing application code or requiring extensive developer training. Benefit from practical guidance on technologies used, challenges encountered, and lessons learned during the rollout process.

35C3 - Sneaking In Network Security