April 19, 2023

Introduction to Zero Trust Infrastructure with Hashicorp’s Rosemary Wang

Share In
How to Subscribe

Zero trust infrastructure is an approach to security that requires all users, devices, and services to be authenticated and authorized before being granted access to resources. Unlike traditional security models that assume everything inside the network is trusted, zero trust assumes that all traffic is untrusted.

In today's world, where cyber threats are becoming increasingly sophisticated, Zero trust infrastructure is crucial for protecting sensitive data and preventing unauthorized access.

Hashicorp is a company that provides a suite of tools for building and managing secure systems. Their products, such as Vault, Consul, and Boundary, can help organizations implement a zero trust approach to security.

Vault is a tool for securely storing and managing secrets such as passwords, API keys, and certificates. It provides a centralized place to manage access to secrets and has several features to ensure the security of these secrets, such as encryption, access control, and auditing.

Consul is a service discovery and configuration tool that provides a secure way to connect and manage services across different networks. It provides features such as service discovery, health checking, and load balancing, and can be integrated with Vault for secure authentication and authorization.

Boundary is a tool for securing access to infrastructure and applications. It provides a secure way to access resources across different networks and can be integrated with Vault and Consul for secure authentication and authorization.

Rosemary Wang, Developer Advocate at Hashicorp joins the show to explain zero trust infrastructure and how HashiCorp Vault, Consul, and Boundary help organizations build zero trust into their architecture.

Topics:

  • Why do you think we need developer tooling for access and authorization at a lower level within someone’s infrastructure?
  • Can you explain what zero trust is and why it's important for modern security architectures?
  • How does HashiCorp Vault, Boundary, and Consul fit into a zero trust security model?
  • What is HashiCorp Vault and what problem does it help a company solve?
  • What are some common use cases for HashiCorp Vault, and how can it help organizations with their security and compliance requirements?
  • How does HashiCorp Vault handle secrets rotation and expiration?
  • What is application based networking and how does this concept relate to HashiCorp Consul?
  • Can you walk us through the process of setting up and configuring HashiCorp Consul for a typical enterprise environment?
  • What are some common challenges or pitfalls that organizations face when using HashiCorp Consul, and how can they overcome them?
  • How does Boundary simplify remote access to critical resources in a zero trust environment?
  • What are some common use cases for HashiCorp Boundary, and how can it help organizations with their security and compliance requirements?
  • How does HashiCorp approach balancing security with ease of use for its products?
  • Can you talk about any upcoming features or developments in Vault, Boundary, or Consul that users should be excited about?

Resources:

Other Podcast

May 24, 2023

Engineering for Data Privacy: Navigating Infrastructure, Security, and Compliance with Skyflow's Roshmik Saha

In this episode Roshmik Saha, Head of Engineering at Skyflow, dives into the fascinating realm of data privacy and security solutions. Whether you're considering building your own privacy solution or seeking insights into the infrastructure requirements for handling credit card data securely, this episode has you covered.

May 17, 2023

Canadian Data Privacy Regulations and History with nNovation's Constantine Karbaliotis

In this episode, Constantine Karbaliotis from nNovation, a certified privacy professional with a wealth of experience in the field of privacy and data protection joins the show. During our conversation, we explore the evolution of Canadian data privacy regulations, from their early beginnings to the current landscape, which is shaped by a range of federal and provincial laws.

May 10, 2023

Understanding SOC-2 Compliance and Achieving It with Skyflow's Daniel Wong

Daniel Wong, Head of Security and Compliance at Skyflow, joins the show to share his insights into SOC-2 compliance and the steps companies can take to achieve it. Throughout the interview, Daniel explains what SOC-2 compliance is, why it's important, and how it differs from other compliance standards.