SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Jetstack's new flagship product brings security to cloud native platforms
Wed, 10th Feb 2021
FYI, this story is more than a year old

Jetstack has launched a new enterprise-grade machine identity management product for cloud native platforms.

Jetstack Secure, the new flagship product, extends the core value of the cert-manager open source project.

It delivers comprehensive protection and full visibility of machine identities to cloud native platform and security teams, including public trusted certificates for ingress TLS, as well as private certificates for internal workloads using mTLS across a service mesh.

Jetstack Secure comes ready packaged with a web-based management interface and enterprise-grade support from the team behind the project.

The product builds a detailed view of the enterprise security posture across multiple clusters and clouds, including certificates that have been manually created by developers, and proactively identifies operational issues based on cert-manager status and health, as well as X.509 certificate misconfiguration.

Built to operate in fast-paced, rapidly evolving Kubernetes and OpenShift environments, Jetstack Secure deploys using Kubernetes resources, including an open source agent, and it is backed by a reliable and scalable SaaS managed by Jetstack, the company states.

The full interface can be set-up to run for free on a single cluster and customers can upgrade for advanced multi-cluster and alerting capabilities, according to Jetstack.

Jestack are the original creators of cert-manager. The company donated the cert-manager project to the Cloud Native Computing Foundation (CNCF) “Sandbox” in November.

Jetstack CTO and cofounder Matt Bates says, “We've seen first-hand from our work with customers that adopting cloud native technologies and modern microservice architecture very quickly leads to a significant growth of TLS certificates - from ingress TLS, to intra-service mTLS, Kubernetes webhooks and more.

“As infrastructure scales and clusters accumulate, a very high level of automation is needed to ensure certificates are consistent and kept up-to-date.

"Automating the certificates lifecycle, to keep workloads protected, is the core value of cert-manager, with open source support for public issuers using ACME (e.g. Let's Encrypt), as well as private authorities, such as HashiCorp Vault and Google Certificate Authority Service (CAS).

Bates says, “With Jetstack Secure our customers can see a detailed view of each cluster and an instant visual status of all workload certificates, including their association with Kubernetes resources.

"Crucially, it will identify and help to mitigate issues that can cause operational or security risk.

Jetstack is a Venafi company founded to help businesses build enterprise cloud native platforms using Kubernetes and OpenShift.

Platform Leads and InfoSec leaders use Jetstack to build modern cloud native environments that scale with full machine identity protection and efficient workload management.