Stoked to share this - Spencer, Nathan, and I wrote up Reddit, Inc.'s journey to zero trust on our Engineering blog. The short version: we ripped out our legacy proxy setup and migrated to a zero trust model. Sounds clean in one sentence, was definitely not clean in practice. The post gets into the real stuff - why we made the call, what broke, and how we made it way easier for devs to onboard new services without touching security configs themselves. Worth a read if you're in the security or infra space: https://lnkd.in/eXnnNVPz #ZeroTrust #Reddit #Security #Infrastructure
Very interesting Pratik Lotia !
The "way easier for devs to onboard" angle lands. I keep running into teams who spend months on zero trust and then tie themselves in knots with manual approvals and broken handovers. The only migrations I've seen stick are the ones where the dev path is actually lighter, not just another layer of controls bolted on top. Looking forward to reading the gotchas.