Aporeto: When It Comes to Security, Context Is King
On this newest episode of The New Stack Makers podcast, we interviewed Aporeto co-founder and CEO Dimitri Stiliadis to learn more about how Aporeto is approaching security in today’s cloud-first ecosystem. The interview was conducted by TNS founder Alex Williams and co-host SolarWinds Senior Director of Technology Strategy Lee Calcote, held at during 2016’s Kubecon/CloudNativeCon in Seattle.
“There are a lot of security issues people are trying to solve on the network. I think we have been trained in the last 20 to 30 years to try and guess what packets are doing. The opportunity we have with the cloud is now we understand what applications are doing. By moving security where it belongs, closer to the applications, we can simplify the network,” said Stiliadis.
Aporeto’s application segmentation tool Trireme allows organizations to enforce security at the application layer. For Kubernetes, for instance, it allows any two Kubernetes-managed applications to communicate with each other only through the network API. As a part of Trireme’s Kubernetes 1.4 security API integration, Aporeto is able to provide developers with access to the Kubernetes security policy by deploying a simple library. “Security has this other thing also, that it tends to be better if there is a separation of concerns. Ideally, you want security to be at arm’s length from what it’s trying to protect.”
“I believe strongly that security has to be done in open source so people can check what you are doing,” Stiliadis said, adding that for applications that are less ephemeral, “We can treat them in the same unified way. In both cases we have increasingly more context. When it comes to security, context is king.”