DEVOPSdigest

Jetstack announced the launch of Jetstack Secure, its new flagship product which extends the core value of the highly popular cert-manager open source project.

Jetstack Secure delivers comprehensive protection and full visibility of machine identities to Cloud Native Platform and Security teams, including public trusted certificates for ingress TLS, as well as private certificates for intra-service mTLS with service mesh.

Jetstack Secure comes ready packaged with a web-based management interface and enterprise-grade support direct from the team behind the project. The product builds a detailed view of the enterprise security posture across multiple clusters and clouds, including certificates that have been manually created by developers, and proactively identifies operational issues based on cert-manager status and health, as well as X.509 certificate misconfiguration.

Built to operate in fast-paced, rapidly evolving Kubernetes and OpenShift environments, Jetstack Secure deploys easily using Kubernetes resources, including an open-source agent, and it is backed by a reliable and scalable SaaS managed by Jetstack. The full interface can be set-up to run for free on a single cluster and customers can upgrade for advanced multi-cluster and alerting capabilities.

Jetstack are the creators of cert-manager; the company donated the cert-manager project to the Cloud Native Computing Foundation® (CNCF®) “Sandbox” in November 2020.

“We’ve seen first-hand from our work with customers that adopting Cloud Native technologies and modern microservice architecture very quickly leads to a significant growth of TLS certificates - from ingress TLS, to intra-service mTLS, Kubernetes webhooks and more,” said Matt Bates, Jetstack CTO and Co-Founder. “As infrastructure scales and clusters accumulate, a very high level of automation is needed to ensure certificates are consistent and kept up-to-date. Automating the certificates lifecycle, to keep workloads protected, is the core value of cert-manager, with open source support for public issuers using ACME (e.g. Let’s Encrypt), as well as private authorities, such as HashiCorp Vault and Google Certificate Authority Service (CAS).”

Bates continued, “With Jetstack Secure our customers can see a detailed view of each cluster and an instant visual status of all workload certificates, including their association with Kubernetes resources. Crucially, it will identify and help to mitigate issues that can cause operational or security risk.”