Hardening Istio security with SPIRE
Integrating SPIRE with Istio brings uniform, SPIFFE-based identity to service meshes by letting Envoy's Secret Discovery Service consume SPIRE identities.
Read more →Blog
News, deep dives, and updates from the maintainers and community behind SPIFFE and SPIRE.
SPIRE now runs on Windows!
SPIRE 1.3.0 adds experimental support for running the Server and Agent on Windows, extending workload identity beyond Linux with a Windows workload attestor.
Read more →Enabling Authenticated Communication for Serverless Workloads with SPIRE
Serverless platforms can't run a SPIRE Agent next to the workload. The SVIDStore plugin fixes this by pushing X.509-SVIDs to stores like AWS Secrets Manager.
Read more →Scrutinizing SPIRE to Sensibly Strengthen SPIFFE Security (Part Two)
Part two scores and ranks attacks on SPIRE by impact and likelihood, finding the biggest risks stem from its centralized signing, plus low-effort mitigations.
Read more →Scrutinizing SPIRE to Sensibly Strengthen SPIFFE Security (Part One)
Part one of a security analysis of the SPIFFE Runtime Environment (SPIRE): its architecture, security properties, and a threat model for assessing attacks.
Read more →SPIFFE/SPIRE move to CNCF Incubation-level hosted projects!
SPIFFE and SPIRE have moved from CNCF sandbox to incubation level. A look at the milestones, from a security self-assessment to due diligence, behind the move.
Read more →[Re-Cap] SPIFFE Community Day: Spring 2020
A recap of Spring 2020 SPIFFE Community Day, the first held fully online, with 300+ attendees and deployment stories from ByteDance, Square, and Uber.
Read more →[Re-Cap] SPIFFE Community Day: Fall 2019
A recap of Fall 2019 SPIFFE Community Day (200+ attendees): TPM node attestation at Bloomberg, Hadoop workloads at Uber, and SPIRE-backed service meshes.
Read more →[Re-Cap] SPIFFE Community Day: Spring 2019
A recap of the May 2019 SPIFFE Community Day, hosted by Pinterest and Scytale: case studies from Uber and Square plus demos with Kubernetes, Envoy, and Istio.
Read more →[Re-Cap] SPIFFE Community Day: Fall 2018
A recap of SPIFFE's seventh Community Day (November 2018): project updates, demos, and talks from Pinterest, Square, and VMware, plus Federation and JWT-SVIDs.
Read more →