Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Gufran_Mirza_securing_kubernetes_istio_service_mesh Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 2:06 talk outline 2:35 what is a service mesh 3:27 istio features 4:32 important terminology 4:57 before istio 5:37 pod with sidecar 6:25 sidecar proxy 7:07 how is the sidecar injected 7:57 with istio - sidecar intercepts all traffic 8:29 istio architecture 9:26 service mesh security 9:37 service identities - the starting point 10:52 conversion of identity into a certificate 11:52 identity provisioning workflow 12:23 authentication 13:42 auth flow 14:35 peer authentication 15:48 demo 22:22 ingress gateway 26:07 demo 32:32 authorization 34:39 auth flow 35:15 demo 41:22 questions?