Safeguard
Tag

service-mesh

Safeguard articles tagged "service-mesh" — guides, analysis, and best practices for software supply chain and application security.

13 articles

Container Security

Service Mesh Security: mTLS, Authorization, and Zero Trust

A service mesh can give you mutual TLS between every service, identity-based authorization, and encrypted traffic without touching application code — or it can become an over-privileged proxy layer you never locked down. Here is how to do it right.

Jul 8, 20265 min read
Kubernetes Security

Implementing mTLS in Kubernetes clusters: a hands-on guide

Kubernetes ships zero built-in encryption for pod-to-pod traffic — here's how cert-manager and service meshes fix that, and the five misconfigurations that quietly undo it.

Jul 8, 20266 min read
Application Security

Securing gRPC microservice communication

gRPC's binary, multiplexed transport breaks REST-era security tooling. Here's how to fix mTLS gaps, reflection exposure, and per-method authorization.

Apr 26, 20267 min read
Cloud Security

What is Microservices Security

Microservices security means securing service-to-service auth, dependencies, and containers across hundreds of independently deployed services—not one monolith.

Mar 17, 20267 min read
Identity Security

mTLS (mutual TLS)

What is mTLS? A precise breakdown of mutual TLS authentication, how it differs from standard TLS, why service meshes depend on it, and how to handle certificate rotation.

Mar 2, 20267 min read
Identity Security

How to set up mutual TLS (mTLS) between microservices

A step-by-step guide to configuring mTLS across microservices with Istio — from CA setup and PeerAuthentication policies to certificate rotation and verification.

Feb 19, 20266 min read
Container Security

Service Mesh for Supply Chain Policy Enforcement

Using Istio, Linkerd, and Cilium service mesh to enforce signed-artifact, SPIFFE identity, and provenance-aware policy in production clusters.

May 24, 20255 min read
Container Security

Kubernetes Service Mesh Policy Depth

Service meshes promise layered policy. The promise is real, but the layers only help if you use them, and most deployments use one.

Sep 15, 20247 min read
Infrastructure Security

Envoy Proxy Security Hardening for Production Deployments

Envoy powers service meshes and API gateways across the industry. Its default configuration prioritizes connectivity over security. Here is how to fix that.

Apr 12, 20244 min read
API Security

gRPC Security Considerations: Protecting High-Performance Service Communication

gRPC's binary protocol and HTTP/2 transport make it fast. They also make it harder to inspect, monitor, and secure than REST APIs. Here is what you need to know.

Sep 12, 20235 min read
Kubernetes Security

Service Mesh mTLS Configuration: Getting Mutual TLS Right

Service meshes promise automatic mTLS. The reality involves permissive modes, certificate management complexity, and gaps that attackers can exploit.

Mar 12, 20235 min read
Architecture

Microservices Security Architecture: A Supply Chain Perspective

Microservices multiply your dependency surface. This guide covers service mesh security, inter-service authentication, and dependency management across distributed architectures.

Jul 25, 20227 min read
service-mesh — Safeguard Blog