Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Designing Zero Trust Systems
Search
Posedio
PRO
February 25, 2025
Programming
0
14
Designing Zero Trust Systems
Posedio
PRO
February 25, 2025
Tweet
Share
More Decks by Posedio
See All by Posedio
Lost Jobs, Zombie Tasks and AirFlow Nightmares: A debugging Deep Dive
posedio
PRO
0
10
Platform user's remorse
posedio
PRO
0
120
Go KonMari on your SQL
posedio
PRO
0
18
Rolling out digital receipts on GCP infrastructure
posedio
PRO
0
13
API First revisited - where did we take a left turn?
posedio
PRO
0
58
Solving Multi-Tenant Challenges: Apache Airflow and Cloud Composer in Action
posedio
PRO
0
40
Contract testing with Java
posedio
PRO
0
36
Flink in two nutshells
posedio
PRO
0
39
Taming the Codebase: Strategies for Refactoring Legacy Code
posedio
PRO
0
34
Other Decks in Programming
See All in Programming
一緒に働きたくなるプログラマの思想 #QiitaConference
mu_zaru
75
18k
Empowering Developers with HTML-Aware ERB Tooling @ RubyKaigi 2025, Matsuyama, Ehime
marcoroth
2
800
SwiftDataのカスタムデータストアを試してみた
1mash0
0
120
Ruby's Line Breaks
yui_knk
2
1.8k
State of Namespace
tagomoris
4
2.1k
PHP で学ぶ OAuth 入門
azuki
1
210
実践Webフロントパフォーマンスチューニング
cp20
36
8.6k
プロフェッショナルとしての成長「問題の深掘り」が導く真のスキルアップ / issue-analysis-and-skill-up
minodriven
8
1.8k
監視 やばい
syossan27
11
10k
Road to RubyKaigi: Making Tinny Chiptunes with Ruby
makicamel
4
470
サービスクラスのありがたみを発見したときの思い出 #phpcon_odawara
77web
4
690
PHPで書いたAPIをGoに書き換えてみた 〜パフォーマンス改善の可能性を探る実験レポート〜
koguuum
0
180
Featured
See All Featured
BBQ
matthewcrist
88
9.6k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
13
1.4k
The Power of CSS Pseudo Elements
geoffreycrofte
75
5.8k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.2k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.3k
Rails Girls Zürich Keynote
gr2m
94
13k
Site-Speed That Sticks
csswizardry
5
500
Building Adaptive Systems
keathley
41
2.5k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
5
540
Practical Orchestrator
shlominoach
187
11k
Speed Design
sergeychernyshev
29
910
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.7k
Transcript
Designing Zero Trust Systems Damjan Gjurovski, CTO of Posedio Cloud
Native Meetup Linz 25.02.2025
Do it RIGHT. Hello 2 • Head of Technology of
Posedio • Work on Software/Data/Platform Engineering • Largest online transaction processing engine in AT • Largest GCP developer platform in AT • Enjoys building secure systems • How can we build secure systems?
Do it RIGHT. Security, the old way 01
Do it RIGHT. The good old days 4
Do it RIGHT. Becoming useful 5
Do it RIGHT. What about a nice frontend? 6
Do it RIGHT. Admin access needed 7
Do it RIGHT. Load balancing to the rescue 8
Do it RIGHT. Who can access our services 9
Do it RIGHT. Let’s keep things private 10
Do it RIGHT. The crown jewels 11
Do it RIGHT. Compartmentalisation is the solution 12
Do it RIGHT. Or is it? 13
Do it RIGHT. What is security? 02
Do it RIGHT. The glossary 15 CIA triad
Do it RIGHT. The glossary 16 Triple A
Do it RIGHT. The glossary 17 Root of trust
Do it RIGHT. The glossary 18 Identity
Do it RIGHT. How can we secure our systems 03
Do it RIGHT. IdP - Keycloak 20
Do it RIGHT. Workload Identity – SPIFFIE/SPIRE 21
Do it RIGHT. Policy - OPA 22
Do it RIGHT. Permissions - SpiceDB 23
Do it RIGHT. Secrets - Vault 24
Do it RIGHT. mTLS - ISTIO 25
Do it RIGHT. Image scanning - Trivy 26
Do it RIGHT. Image signing – cosign (honourable mention –
chainguard) 27
Do it RIGHT. Threat detection - Falco 28
Do it RIGHT. The Application 29
Do it RIGHT. The Platform 30
Do it RIGHT. THANK YOU! CONTACT US: Weyringergasse 1-3/DG 1040
Wien www.posedio.com office@posedio.com 31