Federal Agency NIST and Service Mesh Leader Tetrate to Co-host Conference on Foundational Security Approaches for Microservices in Multi-Cloud

Focused on DevSecOps and Zero Trust Architecture, the One-Day Virtual Conference will Feature Cybersecurity Leaders and Practitioners from Government and Industry

SAN FRANCISCO--()--Tetrate Inc., the enterprise service mesh company ensuring unified application connectivity and security for on-prem, hybrid and multi-cloud systems, today announced its second IT security conference co-sponsored with the U.S. National Institute for Standards and Technology (NIST).

Security leaders in government and industry will share best practices, demonstrations and real-world use cases that leverage service mesh to deliver Zero Trust Architecture (ZTA) and accelerate DevSecOps across multi-cloud. The virtual conference will be held on January 27, 2021, from 11 a.m. to 5:30 p.m. EST, and registration is ongoing.

“Preventing cyberattacks by nation-states and sophisticated networks of malicious actors requires zero-trust security, authentication and authorization,” said Nicolas M. Chaillan, Chief Software Officer of the U.S. Air Force and Co-Lead of the DoD Enterprise DevSecOps Initiative. “This conference is about breaking silos and implementing world-class standards that bake in layers of preemptive security to ward off attacks and ensure mission-critical applications are deployed with secure, resilient miniservices and microservices operations.”

Leading Security Experts in Government and Industry

The day-long conference kicks off with Tetrate CEO Varun Talwar’s keynote, followed by sessions featuring NIST scientists and IT leaders from the U.S. Air Force, Departments of Commerce (DoC) and Homeland Security (DHS), and the Food & Drug Administration (FDA), as well as cybersecurity experts and engineers from RSA, Flexport, the University of Maryland and Tetrate. Among other interesting talks, Zack Butcher from Tetrate and Ramaswamy Chandramouli from NIST will be presenting NIST IR 8313 (Public Draft) | Attribute-based Access Control for Microservices-based Applications using Service Mesh, an internal implementation guideline for Federal projects.

David Ferraiolo, NIST Group Manager for Secure Systems and Applications Group, explained, “The cyberattacks in the news are just the tip of the iceberg in daily, global cyber warfare across government and enterprise. By bringing together this extraordinary group, we want to promote a deep understanding of cybersecurity, identity and credential management, and especially the role of application service mesh in zero-trust blueprints that can be built into agile software development and deployment cycles.” He encouraged anyone “either in the trenches or leading cybersecurity initiatives” to attend the virtual conference and ask questions.

NGAC Framework and Updated Service Mesh Standards

Tetrate’s previous collaboration with NIST was in defining the standards (SP 800-204A) for Building Secure Microservices-based Applications Using Service-Mesh Architecture and working on the implementation of Next Generation Access Control (NGAC), a superior authorization framework that’s more fine-grained than role-based access control (RBAC) and attribute-based access control (ABAC), in Tetrate’s products.

“Business pressures demand quick release cycles for new software, and too often security is managed as an afterthought and compromised as a result,” acknowledged Tetrate CEO Varun Talwar. “If you’re exploring Zero Trust Architecture for your application workloads and runtimes, Tetrate Service Bridge can get you there painlessly and securely. It provides lightweight mediation for optimized service-to-service communications, and enables authentication, authorization, encryption, service discovery, request routing, load balancing, self-healing recovery and service instrumentation. It helps deliver ZTA and robust DevSecOps. At the conference, you can interact with the thought leaders who are shaping the present and future of microservices security for the cloud-native era.”

About NIST

The National Institute of Standards and Technology (NIST) was founded by the U.S. Congress in 1901 and is now part of the U.S. Department of Commerce. NIST is one of the nation's oldest physical science laboratories. From the smart electric power grid and electronic health records to atomic clocks, advanced nanomaterials, and computer chips, innumerable products and services today rely in some way on technology, measurement, and standards provided by NIST.

About Tetrate

Tetrate offers a safe and fast modernization journey for enterprises. Powered by Envoy and Istio, its flagship product, Tetrate Service Bridge (TSB), seamlessly connects traditional and contemporary workloads. Customers get consistent, baked-in observability, runtime security and traffic management for all deployments, in any environment. With TSB, you can run the same secured, validated and tested Istio service mesh for a multi-tenant and multi-cluster environment anywhere you want. In addition to its technology, Tetrate brings a world-class team that leads the open Envoy and Istio projects, providing best practices and playbooks that enterprises can use to keep their people and processes ahead of the curve.


Sana Javaid


Sana Javaid