Kubernetes security isn’t just about locking down the front door; it’s about securing every possible entry point. In this talk, we’ll dive into a hands-on, multi-layered approach to securing cloud-native applications using Intent-Based Access Control (IBAC).We’ll demonstrate how to automate your entire security stack with a simple, developer-friendly declarative configuration. Leveraging cert-manager for mTLS certificate issuance and management, we’ll build a foundation of trust. Then, we’ll show how IBAC dynamically maps these identities to both application ACLs (e.g., Kafka) and network policies, automating access control and network segmentation to significantly reduce your attack surface and blast radius.This innovative approach simplifies securing cloud-native apps and empowers developers to build security into their workflows from the start.