What 🕵️

A webinar series designed for Kubernetes practitioners with the goal of harnessing the passion and sharing the knowledge within this great community.

Why 🤔

To share their real-world experience in securing large enterprise deployments, and cultural challenges when adopting cloud native approaches for DevOps.

When 🕙

Leading up to KubeCon in Detroit, KubeSec Webinar Series 2022 will begin on Tue, September 13th and wrap up on Tue, October 18th. Please find the full agenda below.

Who Should Attend?


DevOps & DevSecOps

 

Cloud Architects &
SREs


Security & Compliance

 

Product Managers 

On-Demand
Security Best Practices for Azure Kubernetes Services
Now Available On-Demand

Securing AKS involves providing countermeasures to threats against AKS identities, clusters and nodes, network, and containers. At the end of this session, you should be better able to design and implement security best practices of operating Kubernetes on Azure.

Alessandro Cardoso
Program Architect - Industry Solutions
Microsoft
On-Demand
Enterprise-Wide Kubernetes Adoption - The Good , The Bad and The Ugly
Now Available On-Demand

Are you facing issues with teams creating different k8 clusters? Is there an issue managing 100's of clusters across your enterprise. Do you have central governance and security standards? In this talk I focus on how an enterprise can adopt containerization across teams in a standardized fashion.

Turja Chaudhuri
Assistant Director, Cloud Practice
Global accounting firm
On-Demand
Climbing High -- The State of DevSecOps Today
No Available On-Demand

Security-specific tools are often overlooked until it becomes a requirement, necessity or things have gone terribly wrong. While many organisations will build a security team to address related issues, smaller organisations and individual contributors do not have this option.

This talk is divided into two sections. In the first one, Anais will share the similarities between climbing and the importance of establishing a security-centric mindset. What happens if we do not have security specialists supporting our team? Free-climbing might be an option for experts with years of experience but not for most cluster admins.

The second part will go over security-specific tools in the cloud native ecosystem. We will highlight the different tools available, how and when they are used, as well as emerging technologies in the security space. Anais will showcase how we can get started and the benefits of integrating cloud native security tools, such as Trivy and Tracee, into our existing processes and monitoring stack. The goal is to provide Kubernetes cluster admins and engineers with the tools and knowledge to take ownership of securing their resources without having to become security experts.

Anaïs Urlichs
Open Source Developer Advocate
Aqua Security
Upcoming
Scaling Kubernetes Security with Kubernetes Goat
Tuesday, October 4th, 12:30pm-1:30pm EDT

Companies with large development teams, enterprises adopting Kubernetes where security teams are in single digits but other teams are in three-plus digits. In this talk, we see some scalable ways to solve Kubernetes Security across such organizations in a practical hands-on context-driven approach.

Madhu Akula
Founder | Pragmatic Security Leader
Madhu Akula
Upcoming
Thinking Different: How to Approach Kubernetes Security and Governance
Tuesday, October 11th, 11:00am - 12:00pm EDT

On July 21, 2015, Kubernetes 1.0 was release by Google and Linux Foundation forming the Cloud Native Computing Foundation (CNCF). Since then, Kubernetes has picked up steam in utilization by organizations for running business critical workloads. Generally, Security and Compliance teams tend to lag behind in understanding the technology and where to implement effective controls. With Cyber criminals taking a more active interest in weaponizing Kubernetes, not having the proper controls will have a big impact on organizations. My presentation is on bringing security and governance teams into the world of Kubernetes. This is done by creating partnerships with security and governance for protection of Kubernetes and workloads.

This presentation will provide you the following takeaways:

  • Understanding the current threat scape
  • How to approach Security and Governance teams to understand Kubernetes
  • How to setup a security and governance model
  • How to champion metrics for displaying a more accurate and updated risk profile.
Brian Cook, CISSP
Director, SRE & Container Security Lead
DTCC
Upcoming
One Stop GitOps for All Your SaaS
Tuesday, October 18th, 11:00 - 12:00pm EDT

GitOps is becoming the popular way to control, secure and manage cloud assets at scale through unified policies. However, SaaS tools and infrastructure extensions remain outside of our GitOps practices, while they can actually benefit the most from centralized policy and security. 

Naor Paz
Director of Product
Firefly