user or application would not be able to tell the difference between the legitimate and malicious files based on the hash. The following hash functions are not considered cryptographically secure and should project source code, NCC found that the code wrote files to disk in such a way that allowed anyone who had access to the system to access these files. These files included private keys that could be used by a access additional sensitive data. In some cases, these files had permissions set that included the ability to write to and execut- ing these files. These permissions would allow malicious actors to modify

exceed their trust boundaries including authentication bypass, reading sensitive information, writing files to the underlying file system, exploiting logical errors. The security components have limited functionality the file contents to a main.go file and run it with go run main.go. Careful: This will overwrite files on the system. 1 2 3 4 5 6 7 package main import ( "archive/tar" "bytes" "compress/gzip" "fmt" outFile.Close() Exploitation An attacker could exploit this by forcing Istio to open a large number of files and thus exhaust system resources resulting in Denial of Service. 25 Istio Security Audit, 2023

configuration Deploy to production 1 4 2 3 Istio-redirector takes the .csv files and generates the Istio VirtualService files. Then, it automatically creates the Pull Request on GitHub on on our csv Importing the file Generating the Istio configuration Deploy to production 1 2 3 4 The files are reviewed, merged and deployed! How does it work ? #IstioCon >26k redirections are now running

private-key and certificate pairs • Private keys and certificates are stored in keystore and truststore files in JKS or PKCS12 or PEM format Challenges – Kafka broker SSL with client auth 5 • Certificate truststore regeneration • Broker pods need restarting to pick up the modified keystore and truststore files • May cause service degradation Challenges – Certificate renewal 6 • Client certificates has be

Service config. ● Hard to manage when having hundreds of services. #IstioCon Abstracting to proto files Annotations API definition Greeting service example #IstioCon Please Build System ● https://github

traffic in a configurable set of formats #IstioCon Excellent Observability - Access logs Log Files Parse Istio-proxy Log • Each API Access Count • Each API Fail Rate • Each API Latency Easy to

frequency ● Proxies are heavily CPU throttling and consuming CPU without traffic ● Envoy configuration files are > 100K Lines 33 A full mesh is utopian, know what you need only Stabilizing Istio In fact