Throw Away Your Passwords: Trusting Workload Identity - Ric Featherstone, ControlPlane

less than 1 minute read

Abstract

Trust is required to secure our systems: we need it to bootstrap infrastructure, to run workloads, and to reassure our customers of their privacy. But how do we establish and secure this “trust” in a dynamic cloud native system?Historically we relied upon identifiers such as IP addresses, passwords, and certificates, but can we do better than these antiquated authentication mechanisms? In this talk we:Demystify machine identity and its relationship to secrets management and access controlDiscuss the issues with historical approaches in a cloud native environmentSolve the “bottom turtle” trust bootstrap quandaryAppraise the open source implementations and technologies available to youDemonstrate practical examples of how to acquire a workload identity or secret zeroStrive for a world in which passwords and static keys are replaced by dynamic credentials and hardware roots of trustClick here to view captioning/translation in the MeetingPlay platform!

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Throw Away Your Passwords: Trusting Workload Identity - Ric Featherstone, ControlPlane

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google