KubeSec Enterprise Online - A Webinar Series

A social distancing approach for sharing content from the planned
KubeSec Enterprise Summit event for March 30.

Explainer_Image

Whether you are just now beginning to roll out your first production implementation of Kubernetes, or are an early adopter looking to learn from the experience of your peers, you are sure to get valuable insights from this educational event.

Agenda includes:

  • End-user presentations sharing their experiences / best practices
  • Emerging trends in Kubernetes security technologies
  • Keynote presentations covering industry and market views, including Q&A

Who should attend? 

  • DevOps & DevSecOps
  • Cloud architects & Product managers
  • Security and compliance professionals
  • Digital Transformation & Business managers

Click here to download for the entire series, or explore the sessions below!

KubeSec Enterprise Summit North America will be held as an online event in 2020. Call for proposals is now open. Submit to speak here!

KubeSec Enterprise Online Session Details:
On-Demand
DevOps and Security – An Uneven Journey

Available now on-demand

What does DevOps adoption look like at enterprises, and what is the impact of that on cloud-native security? 451 Research presents results from its quantitative and qualitative research into cloud native security, particularly the relationship between current security practices and DevOps.

Fernando Montenegro
Principal Analyst
451 Research
Moderator - Rani Osnat
VP Strategy & Product Marketing
Aqua Security
On-Demand
Kubernetes Secrets - The good, the bad and the ugly

Available now on-demand

Secrets (SQL/LDAP passwords, SSH-keys and API-tokens) are usually kept by applications in configuration files or as source code constants. Kubernetes offers a great feature to store your application's Secrets where your containers can access them on demand. In our talk, we’ll share several use cases and flaws were using Kubernetes built-in Secrets Storage is insufficient, and review several future features of K8s and other concepts available in order to be able to better manage and secure your secrets.

Oded Hareven
CEO and Co-Founder
AKEYLESS
Moderator - Steve Giguere
Senior Solutions Architect
Aqua Security
On-Demand
kubectl support for PKCS#11 Hardware Security Module

Available now on-demand

How would you react if your laptop was stolen? Are you worried about attackers performing a cold boot attack to extract your Kubernetes credentials? Do you already use a YubiKey for SSH and GPG, and wonder why you cannot use it with kubectl? If yes, then this talk is for you!

Cristian Klein
Cloud Native Architect
Elastisys
Moderator - Liz Rice
VP Open Source
Aqua Security
On-Demand
The Container Security Checklist

Available now on-demand

Liz's new Container Security book includes a Security Checklist covering items you should at least think about when considering how to secure your deployments running on containers. In this talk, Liz gives an overview of the checklist, and dives into the details on some potential weaknesses that you really need to avoid. The takeaway challenge is for you to check whether your own environments comply with the most important of these recommendations.

Liz Rice
VP of Open Source Engineering
Aqua Security
Moderator - Andy Feit
VP Go To Market
Aqua Security
On-Demand
Kubernetes in the Context of an ISO 27001 Certification

Available now on-demand

With container technology rapidly entering the IT operations world together with the increasing demand in certifications of the IT environment such as ISO 27001, there is a high chance that you will get in contact with questions regarding operational compliance of your Kubernetes stack.

Based on the current available documentation on security requirements for container environments by the BSI and NIST, we will give an overview about how we would answer those questions for our in-house Kubernetes platform at WEB.DE and GMX.

Adriane Hartmann-Heder
IT Security Professional
1&1
Dr. Sascha Mühlbach
Expert Infrastructure Architect
1&1
On-Demand
Beyond Vulnerability Scanning

Available now on-demand

Over the past year, the Aqua Security cyber research team has uncovered increasingly sophisticated attacks on containers that use obfuscation and evasion techniques to avoid detection by static scanners. Such attacks utilize novel, innocuous-looking images to embed their own code, which is often encrypted or deployed a as polymorphic malware to avoid detection. The malicious behavior of the image can only be observed when it is run as a container.

Amir Jerbi
CTO and Co Founder
Aqua Security
Moderator - Andy Feit
VP Go To Market
Aqua Security
On-Demand
The Sharp Edges of Kubernetes Security

Available now on-demand

Once you get past the basics of Kubernetes security, locking down your APIs and implementing RBAC you might think you’ve got most of your security issues sorted. However, like any complex system Kubernetes has some sharp security edges. This is a talk about avoiding getting cut by them.

Rory McCune
Principal Security Analyst
NCC Group
Moderator - Liz Rice
VP of Open Source Engineering
Aqua Security
On-Demand
Achieving security and compliance in a large, multi-cluster Kubernetes fleet

Available now on-demand

Red Hat recently achieved SOC-2 and ISO 27001 certifications for one of our managed Enterprise Kubernetes as a service offerings, OpenShift Dedicated (OSD) on AWS.

Learn how we leveraged the built-in security features of Kubernetes and the mature security expertise of Red Hat to achieve compliance and certification of our large, multi-cluster Kubernetes fleet.

Specifically, topics covered in this session include:

  • How Kubernetes fits into a mature organization’s existing security landscape
  • How the SRE model helps refine security
  • Vulnerability management
  • Authentication and authorization
  • Log aggregation and analysis
  • Future security and compliance challenges
Jason Burrell
Security Lead, OpenShift Dedicated Site Reliability Engineering
Red Hat
Moderator - Steve Giguere
Senior Solutions Architect
Aqua Security
On-Demand
Securing your Kubernetes Ingress through Gateway Deployment Patterns

Available now on-demand

In this session we will discuss the five most common gateway deployment patterns and their security implications. Each pattern has its time and place, but how can we tell which one is right for our app? The fundamental pros and cons of each pattern will be brought to light enabling us to make an informed decision on a per-app or service basis.

Leif Beaton
Senior Solutions Architect
NGINX
Moderator - Steve Giguere
Senior Solutions Architect
Aqua Security
On-Demand
How Security Evolves with your Kubernetes Footprint

Available now on-demand

Single-cluster security in Kubernetes is a broadly covered topic with well-established best practices.  Kubernetes adoption typically starts with a limited proof of concept in a single team, but can quickly find massive growth and decentralized adoption across an organization. This growth stage introduces security challenges as team practices diverge.

In this talk I will address how security requirements and solutions evolve with the scope of your kubernetes usage and how you can carry these already established best practices across your organization.

Marcel Müller
Platform Engineer
Giant Swarm
Moderator - Steve Giguere
Senior Solutions Architect
Aqua Security
Featuring Presenters From:
Sign Up for KubeSec Updates

By clicking submit, you consent to allow Aqua to contact you regarding its respective products, services, and upcoming events and to store and process the information submitted.
You may unsubscribe at any time. Please review our Privacy Policy for more information.