What Can Go Wrong When You Trust Nobody? Threat Modeling Zero Trust
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the critical intersection of Zero Trust principles and cloud-native technologies in this 32-minute conference talk from the Cloud Native Computing Foundation (CNCF). Delve into the importance of threat modeling in multi-cloud and hybrid architectures, learning how to apply the 'never trust, always verify' philosophy effectively. Discover fundamental threat modeling concepts and their application to distributed cloud-native workloads. Examine a demonstration of a simple system built on Zero Trust principles, featuring Istio service mesh within a Kubernetes cluster. Learn about implementing cryptographically strong workload identities using SPIRE server and leveraging Istio External Authorization for delegating layer 7 authorization decisions to OPA sidecars. Gain insights into building a comprehensive threat model and introducing controls aligned with Zero Trust philosophy, including a demonstration of custom signing and verification of OPA bundles.
Syllabus
What Can Go Wrong When You Trust Nobody? Threat Modeling Zero Trust - J Callaghan & R Featherstone
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Hybrid Cloud Infrastructure Foundations with AnthosGoogle Cloud via Coursera Hybrid Cloud Service Mesh with Anthos
Google Cloud via Coursera Architecting Hybrid Cloud Infrastructure with Anthos
Google Cloud via Coursera Introduction to Service Mesh with Linkerd
Linux Foundation via edX Managing Apps on Kubernetes with Istio
Pluralsight