tl;dr as SPIFFE grows, Scytale is today introducing two commercial offerings to help organizations accelerate and optimize their deployments.

It has been a remarkable fourteen months since we and the broader community launched SPIFFE at KubeCon North America 2017. Our collective intention for this project was to address a fundamental enterprise security problem: how to get two services within a distributed infrastructure to reliably trust each other … without hard-coded credentials.

Why SPIFFE?

SPIFFE was inspired in part by our experiences working at Internet-scale businesses like Amazon Web Services, Google, and Netflix. We saw first-hand how their novel approaches to service identity allowed these organizations to successfully tame the complexity that comes with securing and deploying thousands of microservices built by varying engineers into complex, dynamic, and heterogeneous IT environments.

Yesterday, the challenge of maintaining an iron-clad security posture in the face of large numbers of services, independent software teams, elastic scaling, and heterogeneous hosting environments was largely the domain of Internet-scale organizations experiencing explosive growth. Today, with the rise of microservices, multi-cloud, containers, serverless, and continuous integration, many Fortune 1000 IT security engineers are feeling these same headwinds. Faced with new complexity and threat models, they seek solutions from those who have gone before. We knew the time was right for a service authentication technology like SPIFFE.

SPIFFE accelerates in 2018

Since December of 2017, we’ve been astounded by the community response to what should have been an esoteric security tool. In barely one year, we’ve seen contributions from Square, Tigera, Heptio, Uber, and VMWare. SPIFFE has found its way into several popular open-source proxiessecret storesservice discovery tools, and service meshes.

The SPIRE project — SPIFFE’s leading implementation — has also evolved, with support on three major public cloud platforms, container orchestration technologies like Kubernetes, and various on-premise technologies. Its extensible architecture enables interoperability with third-party datastores, hardware security modules, certificate authorities, and ITSM tooling.

In March 2018, SPIFFE and SPIRE were voted into the Cloud Native Computing Foundation, the same independent foundation that supports the Kubernetes and Prometheus open-source projects.

More than 1,800 commits later, SPIFFE and SPIRE are taking hold and growing, as more and more organizations are beginning to regard it as a foundational component of their next-generation multi-cloud security strategy.

Introducing Scytale Essentials and Scytale Professional Services

As a leading contributor to SPIFFE and SPIRE, Scytale recognizes a successful deployment of these technologies requires careful planning and execution. Today, we’re excited to announce unprecedented access to our own expert engineers and our experience gained from advising many organizations. We will be delivering this through two commercial offerings: Scytale Essentialsand Scytale Professional Services.

Scytale Essentials gives organizations implementing SPIFFE and SPIRE the comfort and security of working with a supportive and experienced partner, while also maintaining the benefits of vendor-neutral open-source software. This subscription includes access to a Scytale-supported, production-hardened distribution of SPIRE that closely tracks the CNCF release, but also includes immediate access to critical bug fixes and security patches. The subscription also includes a service-level agreement for bug fixes and inquiries, root cause analysis, office hours, and a dedicated technical account manager.

Scytale Professional Services complements Scytale Essentials with on-demand access to dedicated expertise when planning, deploying, and scaling SPIRE, as well as complementing an organization’s existing engineering team with engineering resources as needed.

If you are on the path to evaluate, plan, implement, and/or scale SPIFFE and SPIRE, visit https://www.scytale.io/spiffe to learn more about these programs and schedule a consultation with us.

We’re looking forward to speaking with you!