A Look Under the Hood of CNCF Security Audits
31 min

A Look Under the Hood of CNCF Security Audits

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Adam Korczynski David Korczynski
cncf security-audits cloud-native open-source-security threat-modeling vulnerability-management cve salsa-compliance supply-chain-security argo cilium flux
The Next Log4jshell?! Preparing for CVEs with eBPF!
36 min

The Next Log4jshell?! Preparing for CVEs with eBPF!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Natalia Reka Ivanko John Fastabend
ebpf log4jshell cve kubernetes security observability runtime-security vulnerability-management linux-kernel kernel-extensions network-security process-monitoring
Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle
32 min

Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
James Strong Dylen Turnbull
cve ingress-nginx release-cycle kubernetes nginx security vulnerability-management software-supply-chain open-source cloud-native
Kubernetes Security Response Committee: Intro & Deep Dive
35 min

Kubernetes Security Response Committee: Intro & Deep Dive

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Monis Khan Micah Hausler
kubernetes security vulnerability-management cve bug-bounty cloud-native aws microsoft api-security supply-chain-security
RBAC to the Future: Untangling Authorization in Kubernetes
27 min

RBAC to the Future: Untangling Authorization in Kubernetes

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Jimmy Mesta
kubernetes rbac authorization security cloud-native access-control kubernetes-security least-privilege iam cve