THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
With Kuma
THE CLOUD CONNECTIVITY
COMPANY
1
https://konghq.com
https://kuma.io
Zero-Trust
THE CLOUD
CONNECTIVITY COMPANY
P A L L A D I N O
Marco
CO-FOUNDER & CTO AT KONG
THE CLOUD
CONNECTIVITY COMPANY
Connectivity Powers Innovation
CONNECTIVITY
NUMBER OF SERVICES
THE CLOUD
CONNECTIVITY COMPANY
Trust is exploitable
4
THE CLOUD
CONNECTIVITY COMPANY
Trust is exploitable
5
X
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
ZERO-TRUST SECURITY
We need virtual passports
for our services.
8
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
1. Kubernetes, VMs, Multi-Cloud
2. Single and Multi-Zone
3. Multi-Mesh, Native Policies, Easy to Use
900+ Organizations
Have deployed Kuma
as a Service Mesh in the past 12 months
C
O
N
T
R
O
L
P
L
A
N
E
SERVICE
S
E
R
V
I
C
E
Sandbox Project
THE CLOUD
CONNECTIVITY COMPANY
Multi-Mesh And
Easy To Use & Scale
Universal (K8s + VMs),
Attribute-Based Policies & More
Built-in Multi Zone
Connectivity
Intelligently route traffic across any
platform and any cloud to meet
expectations and SLAs
Restrict access and encrypt all traffic by
default to only complete transactions
when identity is verified 
Out of the box connectivity across
multi-cluster, multi-cloud and
multi-platform deployments across the
world.
THE CLOUD
CONNECTIVITY COMPANY
THE CLOUD
CONNECTIVITY COMPANY
Kubernetes Native (CRDs)
Universal CLI
HTTP API
Built-in GUI
EASY TO USE
THE CLOUD
CONNECTIVITY COMPANY
Security
Traffic Control
Observability
Advanced Policies
POLICY BASED
THE CLOUD
CONNECTIVITY COMPANY
70+ Observability Charts
Native API Gateway Integration
One-Click Zero Trust
BATTERIES INCLUDED
THE CLOUD
CONNECTIVITY COMPANY
ZERO TRUST WITH KUMA
apiVersion: kuma.io/v1alpha1
kind: Mesh
metadata:
name: default
spec:
mtls:
enabledBackend: ca-1
backends:
- name: ca-1
type: builtin
dpCert:
rotation:
expiration: 1d
conf:
caCert:
RSAbits: 2048
expiration: 10y
THE CLOUD
CONNECTIVITY COMPANY
ZERO TRUST WITH KUMA
apiVersion: kuma.io/v1alpha1
kind: TrafficPermission
mesh: default
metadata:
name: allow-all-traffic
spec:
sources:
- match:
kuma.io/service: '*'
destinations:
- match:
kuma.io/service: '*'
THE CLOUD
CONNECTIVITY COMPANY
IN KONG MESH
type: OPAPolicy
mesh: default
name: opa-1
selectors:
- match:
kuma.io/service: backend
conf:
policy:
inlineString: |
package envoy.authz
import input.attributes.request.http as http_request
default allow = false
token = {"valid": valid, "payload": payload} {
[_, encoded] := split(http_request.headers.authorization, " ")
[valid, _, payload] := io.jwt.decode_verify(encoded, {"secret":
"secret"})
}
allow {
is_token_valid
action_allowed
}
THE CLOUD
CONNECTIVITY COMPANY
DEMO
THE CLOUD
CONNECTIVITY COMPANY 26
More Connectivity Zero
Trust
Service Mesh
Kuma
THE CLOUD
CONNECTIVITY COMPANY 27
Download at KUMA.IO
Enterprise Offering:
konghq.com/kong-mesh

More Related Content

PDF
apidays LIVE New York 2021 - How to Achieve Zero-Trust Security with Kuma Ser...
PDF
INTERFACE, by apidays - How to Achieve Zero-Trust Security by Marco Palladin...
PDF
apidays LIVE Singapore 2021 - Embedding finance into the customer journey by ...
PPTX
Euro-Wallet White Label
PPTX
apidays LIVE JAKARTA - Take control of your microservices with App Mesh by Ak...
PDF
Value Add Services - Go To Market engines
PDF
TADS Telecom Summit Layer 7 Ross Garrett
PDF
Umbraco Certified Partner
apidays LIVE New York 2021 - How to Achieve Zero-Trust Security with Kuma Ser...
INTERFACE, by apidays - How to Achieve Zero-Trust Security by Marco Palladin...
apidays LIVE Singapore 2021 - Embedding finance into the customer journey by ...
Euro-Wallet White Label
apidays LIVE JAKARTA - Take control of your microservices with App Mesh by Ak...
Value Add Services - Go To Market engines
TADS Telecom Summit Layer 7 Ross Garrett
Umbraco Certified Partner

What's hot (20)

PDF
What Can You Do With Twilio
PDF
15th Anniversary of HideMyAss!
PDF
Lead Gen in the Post-PC World - LeadsCon 2012
PDF
Cyrus Recharge - Mobile Recharge Software
PDF
Create an IVR that Keeps Up with Your Customers
PDF
Why Venture Capitalists invest in the app economy T-Ventures Deutsche Telekom
PDF
Exit the road ahead for startups - from a view of a Venture Capitalist
PDF
Twilio SMS - API for Sending & Receiving SMS Messages
PDF
apidays LIVE Australia 2020 - API Design in Fintech: Challenges and Opportuni...
PDF
Why to chose IGateway as your GPS Partner?
PPTX
Hms slasscom meetup ppt v1.0.0
PDF
Accelerating Innovation with APIs: Social TV case study at Orange
PPTX
Tracking chips
PDF
Twilio Signal 2016 Taking Your SMS App Global
PDF
Leading UK wealth management firm, Williams de Broë, needed to meet new Fina...
PPTX
Over The Top Service ...How can telcos meet the OTT services challenge?
PDF
Twilio Contact Center Overview
PDF
hSenid Mobile's journey with TADHack: TADSummit Sponsor's Plenary
PDF
Startup galore how VCs think in a unicorn world - T-Venture Thomas Grota
PDF
WSO2 Ecosystem platform for Connected Telco
What Can You Do With Twilio
15th Anniversary of HideMyAss!
Lead Gen in the Post-PC World - LeadsCon 2012
Cyrus Recharge - Mobile Recharge Software
Create an IVR that Keeps Up with Your Customers
Why Venture Capitalists invest in the app economy T-Ventures Deutsche Telekom
Exit the road ahead for startups - from a view of a Venture Capitalist
Twilio SMS - API for Sending & Receiving SMS Messages
apidays LIVE Australia 2020 - API Design in Fintech: Challenges and Opportuni...
Why to chose IGateway as your GPS Partner?
Hms slasscom meetup ppt v1.0.0
Accelerating Innovation with APIs: Social TV case study at Orange
Tracking chips
Twilio Signal 2016 Taking Your SMS App Global
Leading UK wealth management firm, Williams de Broë, needed to meet new Fina...
Over The Top Service ...How can telcos meet the OTT services challenge?
Twilio Contact Center Overview
hSenid Mobile's journey with TADHack: TADSummit Sponsor's Plenary
Startup galore how VCs think in a unicorn world - T-Venture Thomas Grota
WSO2 Ecosystem platform for Connected Telco
Ad

Similar to apidays LIVE New York 2021 - How to Achieve Zero-Trust Security with Kuma Service Mesh by Marco Palladino, Kong (20)

PDF
apidays LIVE Paris 2021 - How to Achieve Zero-Trust Security With Kuma Servic...
PDF
apidays LIVE Australia 2021 - How to Achieve Zero-Trust Security With Kuma Se...
PDF
Kong Mesh入門編
PDF
Hajimeteno kong 210415
PDF
"はじめてのKong Konnect" APIゲートウェイと Service Meshについて学ぼう!
PDF
Kong updatewebinar 210603
PDF
"Kongゲートウェイ2.5リリース" Kong Konnectアップデート オンラインミートアップ
PDF
Proxies, gateways, and meshes cloud connectivity patterns for developers
PDF
Kong Academyを日本語でお届け!#3 ”はじめてのKong”オンラインミートアップ
PDF
Kong Academyを日本語でお届け!#4 ”はじめてのKong”オンラインミートアップKong Developer Portal編
PDF
A Better Way for Applications to Communicate With Your Mesh
PDF
Connectivity Is the Future
PDF
Implementing a Reliable, Auto-Healing Scalable Platform at VMware
PDF
Full Stack Automation With Go
PDF
Break data silos with real-time connectivity using Confluent Cloud Connectors
PDF
Kong ingress controller kubernetes ingress on steroids
PDF
HCCJP 23回勉強会 5分で分かる APIゲートウェイと サービスメッシュの違い なぜAPIの管理とサービスメッシュは異なるユースケース を補完するパ...
PDF
apidays LIVE Australia 2020 - Connectivity Rules Everything Around Us by Marc...
PDF
apidays LIVE Hong Kong - Connectivity Rules Everything Around Us by Marco Pal...
PDF
Security, Automation and the Software Supply Chain
apidays LIVE Paris 2021 - How to Achieve Zero-Trust Security With Kuma Servic...
apidays LIVE Australia 2021 - How to Achieve Zero-Trust Security With Kuma Se...
Kong Mesh入門編
Hajimeteno kong 210415
"はじめてのKong Konnect" APIゲートウェイと Service Meshについて学ぼう!
Kong updatewebinar 210603
"Kongゲートウェイ2.5リリース" Kong Konnectアップデート オンラインミートアップ
Proxies, gateways, and meshes cloud connectivity patterns for developers
Kong Academyを日本語でお届け!#3 ”はじめてのKong”オンラインミートアップ
Kong Academyを日本語でお届け!#4 ”はじめてのKong”オンラインミートアップKong Developer Portal編
A Better Way for Applications to Communicate With Your Mesh
Connectivity Is the Future
Implementing a Reliable, Auto-Healing Scalable Platform at VMware
Full Stack Automation With Go
Break data silos with real-time connectivity using Confluent Cloud Connectors
Kong ingress controller kubernetes ingress on steroids
HCCJP 23回勉強会 5分で分かる APIゲートウェイと サービスメッシュの違い なぜAPIの管理とサービスメッシュは異なるユースケース を補完するパ...
apidays LIVE Australia 2020 - Connectivity Rules Everything Around Us by Marc...
apidays LIVE Hong Kong - Connectivity Rules Everything Around Us by Marco Pal...
Security, Automation and the Software Supply Chain
Ad

More from apidays (20)

PDF
apidays Munich 2025 - The Physics of Requirement Sciences Through Application...
PDF
apidays Munich 2025 - Developer Portals, API Catalogs, and Marketplaces, Miri...
PDF
apidays Munich 2025 - Making Sense of AI-Ready APIs in a Buzzword World, Andr...
PDF
apidays Munich 2025 - Integrate Your APIs into the New AI Marketplace, Senthi...
PDF
apidays Munich 2025 - The Double Life of the API Product Manager, Emmanuel Pa...
PDF
apidays Munich 2025 - Let’s build, debug and test a magic MCP server in Postm...
PDF
apidays Munich 2025 - The life-changing magic of great API docs, Jens Fischer...
PDF
apidays Munich 2025 - Automating Operations Without Reinventing the Wheel, Ma...
PDF
apidays Munich 2025 - Geospatial Artificial Intelligence (GeoAI) with OGC API...
PPTX
apidays Munich 2025 - GraphQL 101: I won't REST, until you GraphQL, Surbhi Si...
PPTX
apidays Munich 2025 - Effectively incorporating API Security into the overall...
PPTX
apidays Munich 2025 - Federated API Management and Governance, Vince Baker (D...
PPTX
apidays Munich 2025 - Agentic AI: A Friend or Foe?, Merja Kajava (Aavista Oy)
PPTX
apidays Munich 2025 - Streamline & Secure LLM Traffic with APISIX AI Gateway ...
PPTX
apidays Munich 2025 - Building Telco-Aware Apps with Open Gateway APIs, Subhr...
PPTX
apidays Munich 2025 - Building an AWS Serverless Application with Terraform, ...
PDF
apidays Helsinki & North 2025 - REST in Peace? Hunting the Dominant Design fo...
PDF
apidays Helsinki & North 2025 - Monetizing AI APIs: The New API Economy, Alla...
PDF
apidays Helsinki & North 2025 - How (not) to run a Graphql Stewardship Group,...
PDF
apidays Helsinki & North 2025 - APIs in the healthcare sector: hospitals inte...
apidays Munich 2025 - The Physics of Requirement Sciences Through Application...
apidays Munich 2025 - Developer Portals, API Catalogs, and Marketplaces, Miri...
apidays Munich 2025 - Making Sense of AI-Ready APIs in a Buzzword World, Andr...
apidays Munich 2025 - Integrate Your APIs into the New AI Marketplace, Senthi...
apidays Munich 2025 - The Double Life of the API Product Manager, Emmanuel Pa...
apidays Munich 2025 - Let’s build, debug and test a magic MCP server in Postm...
apidays Munich 2025 - The life-changing magic of great API docs, Jens Fischer...
apidays Munich 2025 - Automating Operations Without Reinventing the Wheel, Ma...
apidays Munich 2025 - Geospatial Artificial Intelligence (GeoAI) with OGC API...
apidays Munich 2025 - GraphQL 101: I won't REST, until you GraphQL, Surbhi Si...
apidays Munich 2025 - Effectively incorporating API Security into the overall...
apidays Munich 2025 - Federated API Management and Governance, Vince Baker (D...
apidays Munich 2025 - Agentic AI: A Friend or Foe?, Merja Kajava (Aavista Oy)
apidays Munich 2025 - Streamline & Secure LLM Traffic with APISIX AI Gateway ...
apidays Munich 2025 - Building Telco-Aware Apps with Open Gateway APIs, Subhr...
apidays Munich 2025 - Building an AWS Serverless Application with Terraform, ...
apidays Helsinki & North 2025 - REST in Peace? Hunting the Dominant Design fo...
apidays Helsinki & North 2025 - Monetizing AI APIs: The New API Economy, Alla...
apidays Helsinki & North 2025 - How (not) to run a Graphql Stewardship Group,...
apidays Helsinki & North 2025 - APIs in the healthcare sector: hospitals inte...

Recently uploaded (20)

PDF
Auditboard EB SOX Playbook 2023 edition.
PDF
Co-training pseudo-labeling for text classification with support vector machi...
PDF
Aug23rd - Mulesoft Community Workshop - Hyd, India.pdf
PPTX
Training Program for knowledge in solar cell and solar industry
PDF
Connector Corner: Transform Unstructured Documents with Agentic Automation
PDF
Enhancing plagiarism detection using data pre-processing and machine learning...
PDF
Introduction to MCP and A2A Protocols: Enabling Agent Communication
PDF
4 layer Arch & Reference Arch of IoT.pdf
PDF
A hybrid framework for wild animal classification using fine-tuned DenseNet12...
PDF
Early detection and classification of bone marrow changes in lumbar vertebrae...
PPTX
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
PDF
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
PPTX
Microsoft User Copilot Training Slide Deck
PDF
Dell Pro Micro: Speed customer interactions, patient processing, and learning...
PDF
Improvisation in detection of pomegranate leaf disease using transfer learni...
PPTX
future_of_ai_comprehensive_20250822032121.pptx
PDF
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
PDF
AI.gov: A Trojan Horse in the Age of Artificial Intelligence
PDF
5-Ways-AI-is-Revolutionizing-Telecom-Quality-Engineering.pdf
PPTX
MuleSoft-Compete-Deck for midddleware integrations
Auditboard EB SOX Playbook 2023 edition.
Co-training pseudo-labeling for text classification with support vector machi...
Aug23rd - Mulesoft Community Workshop - Hyd, India.pdf
Training Program for knowledge in solar cell and solar industry
Connector Corner: Transform Unstructured Documents with Agentic Automation
Enhancing plagiarism detection using data pre-processing and machine learning...
Introduction to MCP and A2A Protocols: Enabling Agent Communication
4 layer Arch & Reference Arch of IoT.pdf
A hybrid framework for wild animal classification using fine-tuned DenseNet12...
Early detection and classification of bone marrow changes in lumbar vertebrae...
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
Microsoft User Copilot Training Slide Deck
Dell Pro Micro: Speed customer interactions, patient processing, and learning...
Improvisation in detection of pomegranate leaf disease using transfer learni...
future_of_ai_comprehensive_20250822032121.pptx
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
AI.gov: A Trojan Horse in the Age of Artificial Intelligence
5-Ways-AI-is-Revolutionizing-Telecom-Quality-Engineering.pdf
MuleSoft-Compete-Deck for midddleware integrations

apidays LIVE New York 2021 - How to Achieve Zero-Trust Security with Kuma Service Mesh by Marco Palladino, Kong