Tech Talks

Container Is the New VM: The Paradigm Change No One Explained to You

Container Is the New VM: The Paradigm Change No One Explained to You

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Marga Manterola Rodrigo Campos Catelin

containers kubernetes vms cloud-native deployment ingress autoscaling network-policies security docker yaml

Staring Into the Abyss with the Security Technical Advisory Group

Staring Into the Abyss with the Security Technical Advisory Group

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Michael Lieberman Marina Moore

cncf cloud-native security supply-chain-security threat-modeling security-assessments zero-trust kubernetes open-source-security security-controls architecture design-patterns

InSPIREing Progress: How We're Growing SPIFFE and SPIRE in 2023 and Beyond

InSPIREing Progress: How We're Growing SPIFFE and SPIRE in 2023 and Beyond

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Daniel Feldman Andrés Vega

spiffe spire workload-identity zero-trust cncf kubernetes security cloud-native authentication tpm istio

Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle

Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

James Strong Dylen Turnbull

cve ingress-nginx release-cycle kubernetes nginx security vulnerability-management software-supply-chain open-source cloud-native

Guardians of the Runtime: Leveraging Behavioral Analysis and Policies

Guardians of the Runtime: Leveraging Behavioral Analysis and Policies

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

kubernetes security runtime-security behavioral-analysis policy-management ci-cd ebpf linux-kernel system-calls network-policies vulnerability-management container-security

Automated Cloud-Native Incident Response with Kubernetes and Service Mesh

Automated Cloud-Native Incident Response with Kubernetes and Service Mesh

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Matt Turner Francesco Beltramini

kubernetes service-mesh incident-response cloud-native istio automation security gitops ci-cd observability container-security

Security Controls for Safe Chaos Experimentation

Security Controls for Safe Chaos Experimentation

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Raj Babu Das Umasankar Mukkara

chaos-engineering security kubernetes litmuschaos chaos-experimentation platform-security security-controls resilience-testing observability policy-engine gitops ci-cd

Overview and State of Linkerd

Overview and State of Linkerd

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

service-mesh linkerd kubernetes cloud-native observability reliability security rust api-gateway circuit-breaking traffic-routing mtls

Kyverno Introduction and Deep Dive

Kyverno Introduction and Deep Dive

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Charles-Edouard Brétéché Jinhong Brejnholt

kyverno kubernetes policy-engine security automation validation software-supply-chain-security governance policy-as-code

Kubernetes Security Response Committee: Intro & Deep Dive

Kubernetes Security Response Committee: Intro & Deep Dive

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Monis Khan Micah Hausler

kubernetes security vulnerability-management cve bug-bounty cloud-native aws microsoft api-security supply-chain-security

Running Not Root Made Easy

Running Not Root Made Easy

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Luboslav Pivarc

kubernetes non-root security pods containers virtual-machine capabilities selinux apparmor runtime kubevirt

Mind the Gap! Bringing Together Cloud Services and Managed K8s Environments

Mind the Gap! Bringing Together Cloud Services and Managed K8s Environments

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023

Christophe Tafani-Dereeper Diego Comas

kubernetes cloud-services aws-eks azure-aks gcp-gke iam security server-side-request-forgery workload-identity secrets-management access-control incident-response