Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

DevSecOps and Zero Trust Architecture (ZTA) for Multi-Cloud Environments

Co-hosted by Tetrate

Video Recordings from the Event

DevSecOps and ZTA for Multi-Cloud session 1
DevSecOps and ZTA for Multi-Cloud session 1
DevSecOps and ZTA for Multi-Cloud session 2
DevSecOps and ZTA for Multi-Cloud session 2
DevSecOps and ZTA for Multi-Cloud session  3
DevSecOps and ZTA for Multi-Cloud session 3
DevSecOps and ZTA for Multi-Cloud session 4
DevSecOps and ZTA for Multi-Cloud session 4

This 1-day virtual conference will focus on DevSecOps and ZTA as foundational approaches in multi-cloud environments. They facilitate rapid secure application development, promote interoperability, and mitigate threats in a perimeter-less environment. The emphasis will be on delivery of DevSecOps and ZTA constructs through use of a “service mesh architecture” – a high-assurance operational infrastructure. These assurances are made available through new tool sets and open-source SDKs, that, through configuration and API calls, enable features such as mutual TLS, secure service discovery, security monitoring, network resilience and authentication and access control at the client, service, and data level.    

The conference program will feature presentations by experts on service mesh architecture and national leaders in DevSecOps and ZTA deployment, and demonstration of proof of concept use cases in multi-cloud environments. Presentations will address the following themes:

  • Mitigating insider threat and “man in the middle” attacks;
  • DevSecOps and ZTA tools, analysis of effectiveness, and deployment experience;
  • Elimination of tight coupling between code implementing application logic and application services using service proxies; and
  • Supporting agile Authority to Operate (ATO).

Agenda (PDF) Updated 1/21/2021

11:00am-5:20pm ET

 

Presentations

Kickoff Keynote

        Varun Talwar, CEO, Tetrate

DevSecOps: Benefits and Vision

        Dr. Ronald Ross, Fellow, NIST                                                                 

NIST SP 800-204B – Attribute-based Access Control for Microservices-based  Applications using Service Mesh

        Dr. Ramaswamy Chandramouli, Senior Scientist, NIST
        
Zack Butcher, Founding Engineer, Tetrate

Zero Trust: Past, Present, and Future

        Dr. Zulfikar Ramzan, Chief Technical Officer, RSA

Air Force (AFLCMC/HNCP) Platform One

        Nicolas M. Chaillan, Chief Software Officer, Air Force
        Co-Lead, DoD Enterprise DevSecOps Initiative

Using Mesh Architecture to support ZTA and DevSecOps

         Adam Zwickey, Engineer, Tetrate

Demo: Identity Provisioning in a Service Mesh

        Ignasi Barrera, Founding Engineer, Tetrate

Demo: Federated Sharing of Disparate Database Resources

        Joshua Roberts, Computer Scientist, NIST

Blockchain-based Secure Software Assets Management (BloSS@M)

        Andrew Weiss, Lead Architect and Technical Advisor, UMBC

Transitioning to the Mesh

     Kevin Paige, CISO, Flexport

Speaker Bios (PDF)

 

Created November 5, 2020, Updated March 10, 2021