mTLS (Mutual TLS) extends standard TLS by requiring both client and server to authenticate using certificates. In regular TLS, only the server proves its identity to the client. mTLS ensures the client is also trusted before a connection is established. This is particularly relevant for service-to-service communication in microservice architectures and zero-trust environments. You need a functioning PKI that issues and manages client certificates. Service meshes like Istio or Linkerd enforce mTLS automatically between services.