How it Works

Traditional perimeter defenses can’t keep up with the speed of business and scalable microservice applications. LeakSignal priorities, assesses, and protects data exfiltration and abuse across all web and API traffic. Alerts can be set and action can be taken to ensure your sensitive data is protected.

Use a production-ready Layer 7 policy to observe sensitive data (or build your own).

Log in to the LeakSignal COMMAND dashboard to understand how sensitive data flows across the service mesh

Configure: Service-based Access Control (SBAC) Thresholds and Alerts MicroWAF, Leakwall and Sensitive Data Observer

Service-based Access Control (SBAC)

When a service mesh grows, developers don’t know who owns a service or how to get access for legitimate uses – oftentimes forcing service-to-service access with a shared secret or other means. On the other hand, malicious actors can easily bypass traditional edge protections, access important or critical services, and exfiltrate sensitive data under the radar.

Solutions:

Configure: Service-based Access Control (SBAC) Thresholds and Alerts MicroWAF, Leakwall and Sensitive Data Observer
Configure: Service-based Access Control (SBAC) Thresholds and Alerts MicroWAF, Leakwall and Sensitive Data Observer
Configure: Service-based Access Control (SBAC) Thresholds and Alerts MicroWAF, Leakwall and Sensitive Data Observer

LeakSignal provides the only Service-based Access Control capabilities through Inline response analysis of Layer 7 Sensitive Data.

Installation Details

No Helm charts, Operators, CRDs or other dependencies. LeakSignal is purpose-built to be lightweight and pluggable into any microservice environment.
LeakSignal deploys to Istio, K8s, or Envoy with a few lines of config and emits native Envoy statistics to support data collection platforms like Prometheus.
The LeakSignal COMMAND dashboard is completely free to use and configurable to run in the cloud or privately, on-prem.