HPE Ezmeral: Uncut

Establishing a foundation for Zero Trust with SPIFFE at HPE Discover

Learn how to establish a foundation for a Zero Trust security model with cloud native identity. Explore live and on-demand SPIFFE sessions and demos at HPE Discover Virtual Experience!

800x533 GettyImages-1174788029_1600_0_72_RGB.jpgI am a newbie to Hewlett Packard Enterprise (HPE) and recently joined via the Scytale acquisition. Scytale was the founding contributor to Cloud Native Foundation's (CNCF's) SPIFFE (the Secure Production Identity Framework for Everyone) and SPIRE (the SPIFFE Runtime Environment) open source projects. With Scytale, HPE acquired a seasoned team of experts in cloud-native security and zero-trust networking.

Post-acquisition, HPE is fully committed to continuing Scytale's stewardship and contribution to these open source projects. We are excited to showcase multiple sessions, demos, and workshops at HPE Discover Software Week to help attendees understand the critical capabilities, use cases, and value of SPIFFE and SPIRE projects.

But before I share the sessions, I wanted to take a step back and talk about why a Zero Trust-based security model is essential for securing today's enterprise IT environments and what role SPIFFE plays.

Why Zero Trust and SPIFFE? 

The last few years have seen a massive change in how applications and services are architected and deployed. Enterprise services are now running across cloud, container, and on-premise platforms, fueling operational complexity and risk. As a result, Zero Trust has emerged as an increasingly necessary pre-requisite to efficiently secure today's modern architectures. Identity and authentication for applications and services (not just humans) are the foundation for building robust, scalable, and efficient Zero Trust environments.

The SPIFFE and SPIRE projects, which recently entered the incubate stage at CNCF, provide an open source identity framework and system for establishing trust between software services using attested cryptographic identities. These projects enable organizations to deploy consistent, fine-grained cross-service authentication via a "dial-tone" API across heterogeneous environments while reducing the operational complexity for development, operations, and security teams.

HPE Discover: Explore live and on-demand sessions

This year, HPE brings dynamic speakers and compelling sessions to our customers, partners, and peers through HPE Discover Virtual Experience. The event began on June 23, but don’t worry – you can still register and watch all the on-demand talks, workshops, and demos on topics ranging from 5G to containers. And new content is available starting July 29; numerous experts will deep-dive into the HPE Ezmeral software portfolio and focus on software critical to fueling data-driven transformations: containers, data fabric, and more.

Below are recordings to the cloud-native identity and SPIFFE-related sessions from HPE Discover:

Cloud Native Identity and SPIFFE-related Sessions: 

  • (B2662) Identity in the era of microservices (Speaker: Sunil James, HPE): Sunil talks about the fundamental idea of identity and showcase its applicability to the exploding world of microservices running upon clouds, platforms, and hardware of all kinds.
  • (F2663) Establishing the foundation for zero trust with cloud native identity (Speakers: Bobby Samuel, Anthem and Frederick Kautz, Doc.ai): Join us in this session to learn how the platform and security engineering teams at Anthem and Doc.ai are using SPIFFE and SPIRE to build a robust and secure foundation of their next-gen applications and infrastructure. 
  • (T665Deploying "Dial-Tone" Authentication for Web-Scale Services @ ByteDance/TikTok (Speaker: Eli Nesterov, ByteDance): In this session you will learn how Bytedance, the company behind TikTok, is using the SPIRE project to deploy consistent "dial tone" authentication across large-scale, geographically dispersed internet services.
  • (T3663Securely Connecting All Software Across Hybrid Infrastructure (Speaker: Andres Vega, HPE): In this session, Andres will share how SPIFFE and SPIRE form a common identity plane for all software systems across technology and ownership boundaries. And, all without annoying passwords, API keys, or secrets.
  • (T664) Securely extending Kerberos-based authentication to the cloud (Speaker: Madhukesh Wali – HPE): Join us in this session to learn how you can easily extend Kerberos-based authentication to the cloud without exposing identity providers to the public internet or breaking or changing existing risk policies with Project Cosigno (based on SPIFFE). 

SPIFFE and SPIRE Workshops: 

HPE is also hosting three workshops to help you get some hands-on experience on the projects.

  • (W683) Hack Shack (LIVE): SPIFFE and SPIRE Fundamentals
  • (W684) Hack Shack (LIVE): Enabling PKI-based Database Authentication with SPIRE 
  • (W685) Hack Shack (LIVE): Strengthening Envoy Authentication With SPIRE

Meet the SPIFFE Experts for Demos and Q&A:

  • (M693) Meet the Experts (LIVE): Zero Trust Service Authentication with SPIFFE Tour: Join us live on July 29th to learn about SPIFFE and SPIRE; plus see use case-based demos. We will have plenty of time for Q&A, as well. 

Looking forward to seeing you all at HPE Discover Virtual Experience. Build your agenda today!

Umair Khan

Hewlett Packard Enterprise


Umair Khan is a Senior Product Marketing Manager at Hewlett Packard Enterprise (HPE) in the Enterprise Software Business Unit. Umair, who joined HPE as part of the Scytale acquisition, leads community and marketing efforts for SPIFFE and SPIRE projects.Umair Khan is a Senior Product Marketing Manager at Hewlett Packard Enterprise (HPE) in the Enterprise Software Business Unit. Umair, who joined HPE as part of the Scytale acquisition, leads community and marketing efforts for SPIFFE and SPIRE projects.

0 Kudos
About the Author