Connecting and Securing Services for Hybrid and Multi Cloud Kubernetes
39 min

Connecting and Securing Services for Hybrid and Multi Cloud Kubernetes

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Rania Mohamed Piotr Szczesniak Roland Kool Ricardo Rocha Christian Huenning
kubernetes hybrid-cloud multi-cloud cloud-native service-mesh connectivity security networking api-gateway container-orchestration observability
How to Make Kubernetes Rhyme with Prod-Readiness
36 min

How to Make Kubernetes Rhyme with Prod-Readiness

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Tiffany Jernigan Matthias Haeussler
kubernetes production-readiness cloud-native cncf containerization infrastructure networking observability security workloads ci-cd iac
Can You Keep a Secret? on Secret Management in Kubernetes
38 min

Can You Keep a Secret? on Secret Management in Kubernetes

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Liav Yona Gal Cohen
kubernetes secrets-management secret-store-csi-driver cloud-native csi-driver security access-control authentication key-management devops
Hacking and Defending Kubernetes Clusters: We'll Do It LIVE!!
34 min

Hacking and Defending Kubernetes Clusters: We'll Do It LIVE!!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Fabian Kammel James Cleverley-Prance
kubernetes security cloud-native container-security threat-modeling rbac privilege-escalation container-registry ci-cd attack-vectors network-segmentation data-security
Hardening Kubeflow Security for Enterprise Environments
41 min

Hardening Kubeflow Security for Enterprise Environments

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Julius von Kohout Diana Dimitrova Atanasova
kubeflow kubernetes mlops security enterprise-security authentication authorization rbac vulnerabilities cvss software-supply-chain ci-cd
Practical Challenges with Pod Security Admission
29 min

Practical Challenges with Pod Security Admission

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
V Körbes Christian Schlotter
kubernetes pod-security-admission security containers kubernetes-security admission-controller least-privilege vmware pod-security-policies workloads security-profiles
Malicious Compliance: Reflections on Trusting Container Scanners
36 min

Malicious Compliance: Reflections on Trusting Container Scanners

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Ian Coldwater Duffie Cooley Brad Geesaman Rory McCune
container-scanning kubernetes security vulnerability-management docker sbom ci-cd supply-chain-security policy-as-code cloud-native alpine-linux go
The Next Log4jshell?! Preparing for CVEs with eBPF!
36 min

The Next Log4jshell?! Preparing for CVEs with eBPF!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Natalia Reka Ivanko John Fastabend
ebpf log4jshell cve kubernetes security observability runtime-security vulnerability-management linux-kernel kernel-extensions network-security process-monitoring
Prevent Embarrassing Cluster Takeovers with This One Simple Trick!
38 min

Prevent Embarrassing Cluster Takeovers with This One Simple Trick!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Daniele de Araujo dos Santos Shane Lawrence
kubernetes security cloud-native container-security kubeaudit least-privilege devsecops ci-cd vulnerability-management runtime-security cluster-security
The Top 10 List of Istio Security Risks and Mitigation Strategies
35 min

The Top 10 List of Istio Security Risks and Mitigation Strategies

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
José Carlos Chávez
istio security kubernetes cloud-native service-mesh networking observability authorization authentication mtls supply-chain-security web-application-firewall
What Can Go Wrong When You Trust Nobody? Threat Modeling Zero Trust
33 min

What Can Go Wrong When You Trust Nobody? Threat Modeling Zero Trust

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
James Callaghan Richard Featherstone
zero-trust threat-modeling cloud-native kubernetes istio service-mesh workload-identity authorization opa security distributed-systems
Open Policy Agent (OPA) Intro & Deep Dive
34 min

Open Policy Agent (OPA) Intro & Deep Dive

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Charlie Egan
opa open-policy-agent policy-engine kubernetes microservices ci-cd cloud-native security opa-gatekeeper