News Automating License Validity Checks with KrakenD

Community Documentation

Recent changes

You are viewing a previous version of KrakenD Community Edition (v2.2) , go to the latest version

Zero-trust policy

Document updated on Mar 13, 2023

Real-world API deployments suffer attacks every day, even if you don’t notice it. Where there is an accessible server, there is malicious activity.

The Zero Trust security is a software architecture design choice to deny by default any activity unless specifically allowed. This type of policy is very secure, but usually adds a lot of burden on infrastructure administrators. KrakenD offers a balance of tools and default secure choices to ease the administration while keeping the software secure.

Zero Trust pillars

  1. Explicit declaration
  2. Least-privilege access
  3. Assume breach

Nothing behind the corporate firewall is safe. Nothing behind the gateway is safe. The Zero Trust model assumes breach and verifies each request as it originates from an open network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to “never trust, always verify.”

Every access request with tokens is fully authorized, and decrypted before granting access. Segmentation by multiple criteria and least-privilege access principles are applied to minimize lateral movement.

KrakenD assumes the following behaviors when serving an API:

Scarf

Unresolved issues?

The documentation is only a piece of the help you can get! Whether you are looking for Open Source or Enterprise support, see more support channels that can help you.