Security | Otterize

Submitted by Style Pass, 2024-04-24 02:00:04

Intent-based access control makes it easy to implement a zero trust back end. Zero trust for service-to-service calls means that a service is only permitted to invoke an operation over the network on another service when:

Zero trust contrasts with perimeter security, which trusts any service to make any call to any other service it can reach in the network, on the presumption that the network perimeter is absolutely protected. It’s difficult to make the network perimeter sufficiently secure, given:

But the biggest issue with perimeter security is the age-old saying that defenders need to win all the time while attackers only need to win once. And once a service in the network has been compromised and turned malicious, every other service in that network is now potentially vulnerable.

Zero trust does not replace perimeter security. And service-to-service zero trust does not replace human-to-service zero trust. All of these need to be in place to realize defense in depth, a bedrock principle of security.
