Tech Talks

Rotate Roots Right Round: Using Cert-Manager for Safer Private PKI

Rotate Roots Right Round: Using Cert-Manager for Safer Private PKI

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

kubernetes cert-manager pki certificate-authority private-pki acme lets-encrypt trust-manager cloud-native security

Least Privilege Containers: Keeping a Bad Day from Getting Worse

Least Privilege Containers: Keeping a Bad Day from Getting Worse

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Greg Castle Vinayak Goyal

kubernetes containers security least-privilege rootless-containers gke docker linux-kernel capabilities init-containers pod-security-context

Experience with Hard Multi-Tenancy in Kubernetes Using Kata Containers

Experience with Hard Multi-Tenancy in Kubernetes Using Kata Containers

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

kubernetes kata-containers multi-tenancy cloud-native security virtualization container-runtime network-policy performance-tuning spdk data-platform serverless

CRI-O's Back, Alright!

CRI-O's Back, Alright!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Peter Hunt Urvashi Mohnani

cri-o kubernetes container-runtime-interface oci containerd crio-config freebsd nri seccomp-notify security checkpoint-restore sigstore keyless-signing

Kubernetes SIG Auth Deep Dive

Kubernetes SIG Auth Deep Dive

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Jordan Liggitt Mike Danese Rita Zhang David Eads

kubernetes kubernetes-sig-auth authentication authorization auditing security api-security cloud-native container-orchestration

Maintaining TUF

Maintaining TUF

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Joshua Lock Lukas Pühringer

tuf supply-chain-security container-security cloud-native security frameworks reference-implementation kubernetes secure-delivery

Implementing an Auditable Access Control Strategy Using Cluster Certificate Authority Rotation

Implementing an Auditable Access Control Strategy Using Cluster Certificate Authority Rotation

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Tyler Lisowski Kodie Glosser

kubernetes certificate-authority access-control security ca-rotation zero-downtime mtls credential-management cluster-security

Connecting and Securing Services for Hybrid and Multi Cloud Kubernetes

Connecting and Securing Services for Hybrid and Multi Cloud Kubernetes

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Rania Mohamed Piotr Szczesniak Roland Kool Ricardo Rocha Christian Huenning

kubernetes hybrid-cloud multi-cloud cloud-native service-mesh connectivity security networking api-gateway container-orchestration observability

How to Make Kubernetes Rhyme with Prod-Readiness

How to Make Kubernetes Rhyme with Prod-Readiness

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Tiffany Jernigan Matthias Haeussler

kubernetes production-readiness cloud-native cncf containerization infrastructure networking observability security workloads ci-cd iac

Can You Keep a Secret? on Secret Management in Kubernetes

Can You Keep a Secret? on Secret Management in Kubernetes

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Liav Yona Gal Cohen

kubernetes secrets-management secret-store-csi-driver cloud-native csi-driver security access-control authentication key-management devops

Hacking and Defending Kubernetes Clusters: We'll Do It LIVE!!

Hacking and Defending Kubernetes Clusters: We'll Do It LIVE!!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Fabian Kammel James Cleverley-Prance

kubernetes security cloud-native container-security threat-modeling rbac privilege-escalation container-registry ci-cd attack-vectors network-segmentation data-security

Hardening Kubeflow Security for Enterprise Environments

Hardening Kubeflow Security for Enterprise Environments

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Julius von Kohout Diana Dimitrova Atanasova

kubeflow kubernetes mlops security enterprise-security authentication authorization rbac vulnerabilities cvss software-supply-chain ci-cd