Vulnerability Management for Go
22 min

Vulnerability Management for Go

GopherCon - GopherCon 2023
Julie Qiu
go go-modules dependabot osv go-vulnerability-database vulnerability-management software-supply-chain security static-analysis cicd github-actions
From Model to Production: A Unified Journey
28 min

From Model to Production: A Unified Journey

MLOps World - MLOps World & Generative AI World 2024
Yuval Fernbach
mlops machine-learning devops software-supply-chain generative-ai data-science deployment security vulnerability-management model-registry ci-cd containerization
A Look Under the Hood of CNCF Security Audits
31 min

A Look Under the Hood of CNCF Security Audits

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Adam Korczynski David Korczynski
cncf security-audits cloud-native open-source-security threat-modeling vulnerability-management cve salsa-compliance supply-chain-security argo cilium flux
Malicious Compliance: Reflections on Trusting Container Scanners
36 min

Malicious Compliance: Reflections on Trusting Container Scanners

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Ian Coldwater Duffie Cooley Brad Geesaman Rory McCune
container-scanning kubernetes security vulnerability-management docker sbom ci-cd supply-chain-security policy-as-code cloud-native alpine-linux go
The Next Log4jshell?! Preparing for CVEs with eBPF!
36 min

The Next Log4jshell?! Preparing for CVEs with eBPF!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Natalia Reka Ivanko John Fastabend
ebpf log4jshell cve kubernetes security observability runtime-security vulnerability-management linux-kernel kernel-extensions network-security process-monitoring
Prevent Embarrassing Cluster Takeovers with This One Simple Trick!
38 min

Prevent Embarrassing Cluster Takeovers with This One Simple Trick!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Daniele de Araujo dos Santos Shane Lawrence
kubernetes security cloud-native container-security kubeaudit least-privilege devsecops ci-cd vulnerability-management runtime-security cluster-security
Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle
32 min

Life of a CVE with Ingress-Nginx; Understanding the Project's Release Cycle

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
James Strong Dylen Turnbull
cve ingress-nginx release-cycle kubernetes nginx security vulnerability-management software-supply-chain open-source cloud-native
Guardians of the Runtime: Leveraging Behavioral Analysis and Policies
33 min

Guardians of the Runtime: Leveraging Behavioral Analysis and Policies

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Ben Hirschberg
kubernetes security runtime-security behavioral-analysis policy-management ci-cd ebpf linux-kernel system-calls network-policies vulnerability-management container-security
Back to the Future: Next-Generation Cloud Native Security
30 min

Back to the Future: Next-Generation Cloud Native Security

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Matt Jarvis Andrew Martin
cloud-native-security kubernetes containers webassembly rust ebpf confidential-computing post-quantum-cryptography ai-security supply-chain-security vulnerability-management hardware-security
Kubernetes Security Response Committee: Intro & Deep Dive
35 min

Kubernetes Security Response Committee: Intro & Deep Dive

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Monis Khan Micah Hausler
kubernetes security vulnerability-management cve bug-bounty cloud-native aws microsoft api-security supply-chain-security
Improve Vulnerability Management with OCI Artifacts – It Is That Easy!
36 min

Improve Vulnerability Management with OCI Artifacts – It Is That Easy!

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Itay Shakury Toddy Mladenov
vulnerability-management oci-artifacts sbom supply-chain-security container-security trivy notary oras cicd kubernetes container-registry signing
The Hacker's Guide to Kubernetes
34 min

The Hacker's Guide to Kubernetes

KubeCon + CloudNativeCon - KubeCon + CloudNativeCon Europe 2023
Patrycja Wegrzynowicz
kubernetes security hacking owasp-kubernetes-top-10 rce network-segmentation secrets-management container-security vulnerability-management cloud-native sre