Presentations and Demos
Here you can find a range of presentations and demos that highlight SPIKE’s capabilities and showcase its innovative features.
- Introduction to SPIKE: Secure Production Identity for Key
Encryption:
This is our first SPIKE walkthrough, where we introduce the project and its goals. - Unlocking SPIKE: A New Era for Secure Identity-Driven
Secrets:
This is a brief introduction to SPIKE; what it is, how it works, and why it’s important. - Developing SPIKE on Bare Metal and Kubernetes:
This walkthrough demonstrates building and running SPIKE both on local bare-metal Linux and inside a local Minikube Kubernetes, illustrating how the project can be built, developed, and tested on your development environment. - Building and Testing SPIKE from Source in ~2 Minutes:
This is a quick demonstration of how to clone, build, and test the SPIKE system from its codebase in under two minutes, showing rapid developer iteration and validating that the core components work end-to-end. - Goodbye Passwords: Secure Secrets Management with SPIFFE
and SPIKE:
In this demo, we allow a user to usespikejust by checking an SVID; we don’t use any kind of passwords to identify the user, SPIFFE does it for us. - Unveiling SPIKE’s New Audit Trail Capabilities: Zero-Trust Meets
Accountability:
This demo explains the new auditing capabilities of SPIKE that we will continue developing. This is the initial incarnation of the feature, and more will come. - Introducing Policy-Based Access Control in SPIKE:
This demo introduces the new policy-based access control feature of SPIKE. This is the initial incarnation of the feature. We will create more demos as we enhance the feature. - Introducing SPIKE Secret Metadata API
This demo introduces SPIKE’s new metadata API, which lets you attach key/value metadata to secrets to add richer context, governance, or classification. It also shows how the SPIKE Go SDK can be used to both set and retrieve that metadata in conjunction with policy enforcement. - Unlocking Secrets: Policy-Based Access and Metadata in
SPIKE
This demo showcases how SPIKE enforces policy-based access control when reading or writing secrets. We also look into SPIKE’s Secret Metadata API. - Policy to the Rescue: Secure Secret Access and Metadata with
SPIKE:
This demo introduces the new SPIKE metadata API. We also use the SPIKE Go SDK to consume secrets. - Using Policies to Read and Write Secrets using SPIKE:
This demo introduces the new Makefile-based development workflow, the enhanced starter script, policy-based access control, and metadata support. - Secrets Resiliency with SPIKE: Self-Healing and Doomsday
Recovery:
Secrets management is critical, but what happens when everything fails? In this video, we explore SPIKE’s disaster recovery mechanisms, covering both self-healing capabilities and the manual break-the-glass recovery process. - Federating Secrets with SPIFFE and SPIKE:
In this demo, we show how you can deploy SPIRE and SPIKE from SPIFFE Helm charts. We then establish a multi-cluster secret federation where the workload clusters can securely access secrets stored in the management cluster. - SPIKE’s Shamir’s Secret Sharing with SPIFFE mTLS:
This demo walks through how SPIKE leverages Shamir’s Secret Sharing to split the root key across multiple SPIKE Keeper nodes such that no single node holds the full key. It also demonstrates how communications between SPIKE Keepers and SPIKE Nexus are secured using SPIFFE-based mTLS to ensure authenticated, encrypted transport. - Secure SPIKE Deployment: Integrating SPIRE with an Isolated Management
Cluster:
In this demo, the presenter shows how to deploy SPIKE in a management cluster that is isolated from workload clusters, integrating SPIRE to issue identities and enforce trust boundaries. - Cross-Cluster Secrets Federation with SPIFFE and
SPIKE:
Here, the focus is on federating secrets across multiple clusters, allowing workloads in different clusters to access shared secrets securely. The demo shows how SPIKE can bridge trust boundaries using SPIFFE identities and secret federation.