This document discusses securing communication in cloud native applications. It covers traditional network security approaches and challenges with modern application development. It emphasizes applying defense in depth through hardening infrastructure, scanning code and dependencies, encrypting data at rest and in transit, and using the principle of least privilege. The document explores the different requirements for securing communication at the edge with an API gateway compared to within a service mesh. It recommends that all security practices have good user experience and be integrated into regular development workflows.