Designing Zero Trust Systems
Posedio
February 25, 2025
Transcript
Designing Zero Trust Systems
Damjan Gjurovski, CTO of Posedio
Cloud Native Meetup Linz, 25.02.2025
Do it RIGHT.
2. Hello
• Head of Technology of Posedio
• Work on Software/Data/Platform Engineering
• Largest online transaction processing engine in AT
• Largest GCP developer platform in AT
• Enjoys building secure systems
• How can we build secure systems?
01 Security, the old way
4. The good old days
5. Becoming useful
6. What about a nice frontend?
7. Admin access needed
8. Load balancing to the rescue
9. Who can access our services
10. Let’s keep things private
11. The crown jewels
12. Compartmentalisation is the solution
13. Or is it?
02 What is security?
15. The glossary: CIA triad
16. The glossary: Triple A
17. The glossary: Root of trust
18. The glossary: Identity
03 How can we secure our systems
20. IdP - Keycloak
21. Workload Identity – SPIFFE/SPIRE
22. Policy - OPA
23. Permissions - SpiceDB
24. Secrets - Vault
25. mTLS - ISTIO
26. Image scanning - Trivy
27. Image signing – cosign (honourable mention – chainguard)
28. Threat detection - Falco
29. The Application
30. The Platform
31. THANK YOU! CONTACT US: Weyringergasse 1-3/DG, 1040 Wien, www.posedio.com, [email protected]