Follow Datanami:
October 16, 2023

Tetrate Istio Subscription Offers Enhanced Security with Extended CVE Support for Enterprises

SAN FRANCISCO, Oct. 16, 2023 — Tetrate has announced the general availability of Tetrate Istio Subscription (TIS). The offering combines always-on expert support and best practices with continuous and extended protection from CVEs of open source components, as well as a fast-track to a verifiably compliant Federal Risk and Authorization Management Program (FedRAMP) environment.

A supported distribution of Istio was one of Tetrate’s earliest offerings. Now that the Istio project has graduated within the Cloud Native Computing Foundation (CNCF) framework, it is fully mature, and Tetrate is ready to release TIS into general availability. TIS is the industry’s only fully upstream service based on open source Istio.

“Istio started life as an open source project created by engineers at Google, who then left to start Tetrate,” said Varun Talwar, founder of Tetrate. “When Istio became a CNCF project, it began a steady march toward maturity. Now, with the project graduated, we have a mature and proven application networking technology that’s standardized by NIST and acceptable to a wide array of Federal and large enterprise decision makers. A supported, open source, enterprise ready version of Istio is a big deal, and Tetrate has one.”

“TIS has grown alongside Istio, solving a real problem for regulated environments who need application networking that delivers a standardized zero trust architecture out of the box to include strong NIST compliance mapping,” said Austen Bryan, product lead at Tetrate partner Defense Unicorns. “With the graduation of the Istio project, Tetrate now provides a fully supported, open source Istio option in general availability.”

Key Facts About Tetrate Istio Subscription:

  • TIS is based on the Tetrate Istio Distro (TID), an open source project from Tetrate that provides vetted builds of Istio tested against all major cloud platforms.
  • On top of TID, TIS adds training, architectural workshops, expert enterprise production support, best practices and, critically, extended CVE support which adds six months of backported patches from Tetrate in addition to the eight months provided by the Istio project, allowing teams to reduce the upgrade frequency between Istio versions. Specific CVE support includes remediating the emerging high-severity and exploitable OrangeOctopus CVE for Istio 1.16 or older that is no longer community-supported.
  • TIS is the first and only 100% pure upstream Istio distribution to achieve Federal Information Processing Standards (FIPS) verification and is hardened for use in enterprise and FedRAMP environments, using the unforked BoringCrypto module. See how Tetrate Istio Distribution and Tetrate Istio Subscription compare.
  • TIS is fully compliant with NIST 207A, the publication that defines the U.S. federal standard for the zero trust architecture that all federal applications must begin following. In fact, Tetrate worked directly with NIST in developing the standard.

Additionally, TIS is designed for highly regulated industries where security is paramount. It allows organizations with globally distributed cloud infrastructure and a large, diverse group of application development organizations to automate policies that assure compliant security – even if attackers manage to get inside their networks.

“TIS gives enterprises the power of service mesh with the simplicity of a supported solution, all with the assurance and risk-mitigation of a widely deployed open source technology stack that is FIPs certified and FedRAMP compliant,” said David Wang, head of product at Tetrate. “As a supported distro of fully upstream Istio, there is nothing proprietary to lock users in when they select TIS. Better yet, the TIS Starter Package makes it easy to install and get going quickly along with enterprise-grade support from the people who helped create Istio and know it best.”

About Tetrate

Rooted in open source, Tetrate was founded to solve the application networking and security challenges created by modern computing so enterprises can innovate with speed and safety in hybrid and multicloud environments. As applications evolve into collections of decentralized microservices, monitoring and managing the network communications and security among those myriad services becomes challenging. This is why some of the largest financial institutions, governments and other enterprises rely on Tetrate to deliver modern application networking and security. Find out more at

Source: Tetrate