In this digital age, organizations are increasingly adopting cloud-native technologies such as Kubernetes to manage their infrastructure and applications. With this shift comes new challenges, particularly when securing sensitive data and protecting critical infrastructure against cyber threats.
A VentureBeat article on the benefits of viewing a Kubernetes implementation from a Zero Trust perspective located Kubernetes’ vulnerabilities in its “relative newness and dynamic operating paradigm”, which make the solution a target for cyberattackers.
A Zero Trust approach is essential to implementing Kubernetes securely, but there are a few fundamental steps along the way.
First, security teams need to ask questions and decide what their policy rules will be for communications between their computing nodes. If the essential minimum types of connections and communications have not been identified, there is no way to know how to design a system securely.
‘Secure everything’ is a great idea—but can your team figure out all the details to actually do it? In practice, enterprise-scale services are so complex that they often cannot be fully secured in the way that Zero Trust demands. Some components (like Kubernetes clusters and nodes) are modern and more easily addressed, but security teams may not be capable of fully securing legacy applications.
Once a team has answered questions surrounding communication concerns, the next step towards implementing a version of Zero Trust is giving secure and trustworthy identities to all the nodes and applications in a system.
If you know the identities, you can apply a security policy to let them connect or enforce an exclusion as necessary.
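The two steps above (list the essential minimum connections, then allow or exclude by identity) can be shown as a default-deny check. This Python example is added here and is not SecureG's code; the trust domain `cluster.example`, the SPIFFE-style identity layout, the workload names and the connection attempts are all constructed assumptions.

```python
from urllib.parse import urlparse

TRUST_DOMAIN = "cluster.example"  # assumed trust domain (constructed)
ID = "spiffe://cluster.example/ns/{}/sa/{}"  # assumed identity layout

# The essential minimum connections as (source, destination, port).
# Direction matters, and anything not listed is denied.
ALLOWED = {
    (ID.format("shop", "frontend"), ID.format("shop", "orders"), 8443),
    (ID.format("shop", "orders"), ID.format("data", "postgres"), 5432),
}

def parse_identity(uri):
    """Return the identity if well formed and in our trust domain, else None."""
    p = urlparse(uri)
    parts = p.path.split("/")  # "/ns/shop/sa/orders" -> ["", "ns", "shop", "sa", "orders"]
    if p.scheme != "spiffe" or p.netloc != TRUST_DOMAIN or p.query or p.fragment:
        return None
    if len(parts) != 5 or parts[1] != "ns" or parts[3] != "sa":
        return None
    if not parts[2] or not parts[4]:
        return None
    return ID.format(parts[2], parts[4])

def decide(src_uri, dst_uri, port):
    """Default-deny decision for one connection between two certified identities."""
    src, dst = parse_identity(src_uri), parse_identity(dst_uri)
    if src is None or dst is None:
        return "deny", "unverified identity"
    if (src, dst, port) in ALLOWED:
        return "allow", "listed connection"
    return "deny", "not in allow-list"

# Constructed connection attempts (not real traffic).
ATTEMPTS = [
    (ID.format("shop", "frontend"), ID.format("shop", "orders"), 8443),
    (ID.format("shop", "frontend"), ID.format("data", "postgres"), 5432),
    ("spiffe://other.example/ns/shop/sa/frontend", ID.format("shop", "orders"), 8443),
    (ID.format("shop", "orders"), ID.format("shop", "frontend"), 8443),
]

def audit(attempts):
    """Return (source, destination, port, reason) for every denied attempt."""
    return [(s, d, port, decide(s, d, port)[1])
            for s, d, port in attempts if decide(s, d, port)[0] == "deny"]

if __name__ == "__main__":
    for row in audit(ATTEMPTS):
        print(row)
```

The check assumes the identity string has already been taken from a certificate that validated against the trusted root; it decides policy only and does not verify certificates.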
Identities require digital certificates, and that's where SecureG comes in.
Unlike traditional PKI, which was developed for web servers and employee credentials, SecureG’s solutions are designed for machine speed and machine scale—especially when there’s no human in the loop.
Our technology can help you build a strong PKI backed by the strongest possible root of trust for critical infrastructure. Contact us today to learn more.
Prior to SecureG, Todd worked at Juniper Networks as both a technical trainer and systems engineer, where he obtained JNCIE #0007 and ran the training and certification programs for the East Coast. At Juniper, he became a Subject Matter Expert on Internet backbone routing, managed a team of 12, co-authored two books and built a modern training facility to support operations. Todd left Juniper for Starent Networks, where he worked as a Solution Architect and became a SME on mobile networking for 2.5G, 3G, and 4G networks including LTE and eHRPD. After Starent Networks, Todd joined Movik Networks, where he helped develop and sell Big Data Analytics solutions for mobile networks as well as advanced content delivery solutions that optimized network performance and user experience. While there, Todd worked to close multiple Tier 1 carriers as customers, which led to an acquisition by Ribbon Networks. At Ribbon Networks, Todd served as Sales Management Consultant, where he ran a team responsible for selling Analytics solutions globally. Todd developed the product and the sales team, and built facilities to support the sales process.
Todd has served as a Subject Matter Expert in various disciplines, supporting sales teams in the delivery of advanced technologies for data analytics, mobile networks, internet backbone routing, policy decision/enforcement, and edge content delivery. Todd has been part of SecureG since 2021, working as a network architect in a pre-sales engineering role concentrating on mission critical networks including 5G and virtualized infrastructure. Todd designs and deploys Zero Trust enabled solutions for the most critical network infrastructures. He utilizes a detailed understanding of wireless packet core, RAN for LTE and 5G networks, virtualized infrastructure, and Zero Trust principles to identify ways to optimize network behavior and improve network security via an enhanced PKI infrastructure.