Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling
34 min

Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Christie Wilson Priya Wadhwa
kubernetes slsa supply-chain-security threat-modeling ci-cd tekton spire sigstore container-security security-frameworks
Maintaining TUF
35 min

Maintaining TUF

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Joshua Lock Lukas Pühringer
tuf supply-chain-security container-security cloud-native security frameworks reference-implementation kubernetes secure-delivery
Hacking and Defending Kubernetes Clusters: We'll Do It LIVE!!
34 min

Hacking and Defending Kubernetes Clusters: We'll Do It LIVE!!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Fabian Kammel James Cleverley-Prance
kubernetes security cloud-native container-security threat-modeling rbac privilege-escalation container-registry ci-cd attack-vectors network-segmentation data-security
Prevent Embarrassing Cluster Takeovers with This One Simple Trick!
38 min

Prevent Embarrassing Cluster Takeovers with This One Simple Trick!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Daniele de Araujo dos Santos Shane Lawrence
kubernetes security cloud-native container-security kubeaudit least-privilege devsecops ci-cd vulnerability-management runtime-security cluster-security
Securing the Container Supply Chain with Notary
36 min

Securing the Container Supply Chain with Notary

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Justin Cormack Toddy Mladenov
container-security supply-chain-security notary docker microsoft oci kubernetes signing sbom in-toto key-management
In-Toto: Attestations and More for Software Supply Chain Security
35 min

In-Toto: Attestations and More for Software Supply Chain Security

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Aditya Sirish A Yelgundhalli
software-supply-chain-security in-toto attestation sbom slsa kubernetes ci-cd container-security policy-enforcement digital-signatures provenance
Guardians of the Runtime: Leveraging Behavioral Analysis and Policies
33 min

Guardians of the Runtime: Leveraging Behavioral Analysis and Policies

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Ben Hirschberg
kubernetes security runtime-security behavioral-analysis policy-management ci-cd ebpf linux-kernel system-calls network-policies vulnerability-management container-security
Interactive Playground to Learn Kubernetes and Cloud Native Security
37 min

Interactive Playground to Learn Kubernetes and Cloud Native Security

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Madhu Akula
kubernetes cloud-native-security kubernetes-security container-security vulnerability-assessment attack-vectors security-testing devops-security cyber-kill-chain threat-modeling container-escape
Image Signing and Runtime Verification at Scale: Datadog's Journey
34 min

Image Signing and Runtime Verification at Scale: Datadog's Journey

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Ethan Lowman
container-security image-signing runtime-verification kubernetes datadog supply-chain-security oci containerd grpc public-key-cryptography sigstore ci-cd
Automated Cloud-Native Incident Response with Kubernetes and Service Mesh
37 min

Automated Cloud-Native Incident Response with Kubernetes and Service Mesh

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Matt Turner Francesco Beltramini
kubernetes service-mesh incident-response cloud-native istio automation security gitops ci-cd observability container-security
Cluster Grey Zone: Risks in Managed Cluster Middleware
30 min

Cluster Grey Zone: Risks in Managed Cluster Middleware

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Shay Berkovich Barak Sharoni
kubernetes cloud-security managed-kubernetes eks gke aks cluster-middleware attack-surface privilege-escalation container-security threat-modeling fluent-bit node-problem-detector
Kubernetes Defensive Monitoring with Prometheus
27 min

Kubernetes Defensive Monitoring with Prometheus

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
David de Torres Huerta Mirco De Zorzi
kubernetes prometheus monitoring security falco cloud-native container-security threat-detection anomaly-detection observability cncf