April 1, 2024

EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!)



Identity and Access Zero Trust

Subscribe at Spotify.

Subscribe at Apple Podcasts.

Subscribe at YouTube

Topics covered:

  • Today we have IAM,  zero trust and security made easy. With that intro, could you give us the 30 second version of what a workload identity is and why people need them? 
  • What’s so spiffy about SPIFFE anyway? 
  • What’s different between this and micro segmentation of your network–why is one better or worse? 
  • You call your book “solving the bottom turtle” could you tell us what that means?
  • What are the challenges you’re seeing large organizations run into when adopting this approach at scale? 
  • Of all the things a CISO could prioritize, why should this one get added to the list? What makes this, which is so core to our internal security model–ripe for the outside world?
  • How people do it now, what gets thrown away when you deploy SPIFFE? Are there alternative?
  • SPIFFE is interesting, yet can a startup really “solve for the bottom turtle”? 

Do you have something cool to share? Some questions? Let us know:

View more episodes