Docker Enterprise got a big upgrade this year with Calico 3.5 for its Kubernetes networking! One of the most exciting new features is the ability to build Zero Trust Kubernetes networks with Calico Application Layer Policy in concert with Istio service mesh. Zero Trust networking is a way to build distributed applications such that they maintain security, even when containers, or the network itself, is compromised.
Starting with Docker Enterprise, they will demonstrate some common network attacks such as IP address spoofing and certificate exfiltration, then demonstrate building a Zero Trust network (by installing Istio and Application Layer Policies) for the application. They will show how this Zero Trust network repels all the demonstrated attack strategies and explain how to build and maintain a Zero Trust network for your own applications.