What is mTLS (Mutual TLS)?
Two-way TLS authentication where both client and server verify each other's certificates.
Mutual TLS (mTLS) is an extension of TLS where both the client and server authenticate each other using certificates. In standard TLS, only the server presents a certificate. In mTLS, the client also presents a certificate the server validates. This implements zero-trust networking — even if an attacker is inside the network, they can't communicate with services without a valid certificate. Service meshes like Istio and Cilium automate mTLS between all pods transparently.
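The rule described above, as an added Go example (not from the original page): a server configured with `tls.RequireAndVerifyClientCert` completes the handshake only for a client whose certificate chains to the CA it trusts. The CA and host names, the loopback listener and the helpers `issue` and `accepts` are constructed for illustration; `otherCA` deliberately shares the trusted CA's subject name so that the certificate is actually presented and then fails signature verification.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// issue builds a constructed, short-lived demo cert; ca == nil yields a self-signed CA.
func issue(cn string, ca *tls.Certificate) tls.Certificate {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), IsCA: ca == nil,
		Subject: pkix.Name{CommonName: cn}, DNSNames: []string{cn}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	if ca == nil {
		ca = &tls.Certificate{Leaf: t, PrivateKey: key}
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, ca.Leaf, pub, ca.PrivateKey)
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// meshCA is the only CA the server trusts; otherCA has the same name but its own key.
var meshCA, otherCA = issue("mesh-ca", nil), issue("mesh-ca", nil)

// accepts reports whether the mTLS server completes a handshake with a client offering certs.
func accepts(certs ...tls.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(meshCA.Leaf)
	srv := &tls.Config{Certificates: []tls.Certificate{issue("server", &meshCA)},
		ClientCAs: pool, ClientAuth: tls.RequireAndVerifyClientCert} // this setting makes TLS mutual
	cli := &tls.Config{RootCAs: pool, ServerName: "server", Certificates: certs}
	ln, _ := net.Listen("tcp", "127.0.0.1:0") // loopback, ephemeral port
	defer ln.Close()
	go func() {
		raw, _ := net.Dial("tcp", ln.Addr().String())
		tls.Client(raw, cli).Read(make([]byte, 1)) // handshake, then wait for the verdict
	}()
	conn, _ := ln.Accept()
	defer conn.Close()
	return tls.Server(conn, srv).Handshake() == nil
}

func main() { fmt.Println(accepts(), accepts(issue("guest", &otherCA)), accepts(issue("client", &meshCA))) }
```

Running it prints `false false true`: no client certificate, a certificate from the untrusted CA, and a certificate from the trusted CA.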
Deep Dive Guide
How to set up Istio service mesh
More Security Terms
DevSecOps
Integrating security practices into every stage of the DevOps pipeline.
Falco
A runtime security tool that detects anomalous behavior in containers using eBPF/syscalls.
JWT (JSON Web Token)
A compact, self-contained token format for transmitting claims between parties.
OAuth2
An authorization framework allowing third-party apps limited access to user accounts.
OIDC (OpenID Connect)
An identity layer on top of OAuth2 that provides user authentication.
OPA (Open Policy Agent)
A general-purpose policy engine for enforcing authorization decisions across the stack.