DevOps · Flashcard

Which class of attack remains possible even with mesh mTLS everywhere?

  • A. Application-level exploits: SQL injection in a request rides the encrypted channel intact
  • B. Traffic sniffing on the node network: packet captures reveal payloads between the Pods
  • C. Service impersonation inside the mesh: any Pod can present another workload's identity
  • D. Man-in-the-middle between sidecars: intermediaries can silently rewrite the requests

Why this is the answer

The answer is A. mTLS secures the transport, not the content: the sidecar decrypts the request and hands the application exactly the bytes the caller sent, so a perfectly encrypted malicious payload still exploits the app. Input validation and parameterized queries stay your job. Sniffing, impersonation and man-in-the-middle are precisely what mTLS's encryption and mutual, certificate-based workload identity defeat. One practitioner caveat: those guarantees hold only where mTLS is actually enforced (a mesh running in a permissive mode still accepts plaintext), and an authenticated identity only limits who may call what once authorization policy is written against it.
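The following is an added example, not part of the flashcard, showing the point in running code: a request body that has been carried over mTLS arrives at the handler unchanged, so a string-concatenated query is exploited while a parameterized one is not. The `sidecar_forward` function is an assumed stand-in for the sidecar's TLS termination, and the user table and payload are constructed sample data.

```python
"""Added example (not from the flashcard): SQL injection survives mesh mTLS.

The sidecar terminates TLS and forwards the plaintext request to the app
verbatim; nothing in that hop inspects SQL. Uses an in-memory SQLite table
with constructed sample rows. Names are illustrative assumptions."""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data standing in for the service's user store.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def sidecar_forward(body: bytes) -> str:
    # Assumed stand-in for the sidecar: after mTLS verification of the peer
    # certificate, the decrypted body is passed to the app unmodified.
    return body.decode("utf-8")


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    # String concatenation: the request body becomes part of the SQL text,
    # exactly as the attacker sent it through the encrypted channel.
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, name: str) -> list:
    # Bound parameter: the payload is treated as data, never as SQL.
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


# Constructed injection payload, as it would appear in the request body.
PAYLOAD = b"x' OR '1'='1"


def demo() -> dict:
    # Run the same decrypted input through both handlers and return the rows
    # each one leaks, so the difference can be checked rather than eyeballed.
    conn = make_db()
    name = sidecar_forward(PAYLOAD)
    return {
        "vulnerable": lookup_vulnerable(conn, name),
        "parameterized": lookup_parameterized(conn, name),
    }


if __name__ == "__main__":
    for handler, rows in demo().items():
        print(f"{handler}: {rows}")
```

The vulnerable handler returns every row, including the admin, because the query becomes `WHERE name = 'x' OR '1'='1'`; the parameterized handler returns nothing, because no user is literally named `x' OR '1'='1`. The transport was identical in both cases.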
