Secure-i-ous Solutions: Secret to Cloud Native Security

Start of the event, attendee registration and morning munch time.

New updates about the CNCF

In this session, we will explore the evolving landscape of software security, particularly in the context of containers and open-source software. As software development practices continue to change, the parameters surrounding software—quality, reliability, and security—must evolve at an equally rapid pace. But are they keeping up?

Join us as we delve into how containers and open-source software have transformed the tooling landscape, especially in terms of security. We will examine key techniques and tools designed to enhance security when working with containers and open-source environments.

Session Highlights:

1. The Evolution of Software Security: Understand how security practices are adapting to the rapid changes in software design, building, and consumption.
2. Containers and Open-Source Impact: Explore how these domains have shifted security tooling and what it means for modern software.
3. Practical Techniques and Tools: Discover actionable methods to improve security within containerized and open-source environments.

Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup.

In this session, we will explore the use of vCluster to achieve robust tenant isolation by creating separate virtual clusters, ensuring logical separation in shared Kubernetes environments. Additionally, we will delve into Falco, an open-source runtime security tool designed to detect real-time threats and suspicious activities in Kubernetes, such as privilege escalations and unauthorized access.

This session will highlight best practices for integrating vCluster and Falco to enhance both isolation and threat detection in multi-tenant environments. Attendees will gain actionable insights into building a secure, scalable Kubernetes infrastructure using these tools.

Session Takeaways:

1. Tenant Isolation with vCluster: Learn how vCluster enables strong tenant isolation through the creation of distinct virtual clusters.
2. Threat Detection with Falco: Understand how Falco monitors and detects real-time threats within Kubernetes environments.
3. Best Practices: Discover how to effectively combine vCluster and Falco to achieve secure multi-tenancy in Kubernetes.

Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup.

In this session, we will provide an in-depth overview of Kyverno, a Kubernetes-native policy engine and an incubating project of CNCF, designed to simplify the management and governance of application deployments through Policy as Code. We’ll begin by exploring how authorization works in Kubernetes to set the foundation for understanding Kyverno’s capabilities. The session will wrap up with a hands-on demonstration, where attendees will learn to write and apply policies in YAML to effectively govern their application deployments, followed by an interactive Q&A.

Key Takeaways:

1. Understanding Policy as Code: Learn how Kyverno makes governance straightforward by using YAML-based policies.
2. Kubernetes Governance: Discover how Kyverno enforces security and compliance natively within Kubernetes environments.
3. Hands-on Demonstration: See Kyverno in action as we demonstrate policy enforcement during application deployments.
4. Real-World Applications: Understand how to leverage Kyverno for automating security, validation, and resource management in your Kubernetes clusters.

Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup.

Refresh, network, and recharge with a warm cup!

In this session, we will explore how organizations can go beyond traditional security best practices, such as using Admission Controllers like Kyverno and Static Analysis tools, to protect against emerging vulnerabilities. While effective, these measures may not always safeguard applications against newly discovered threats. Since application upgrades can take time, it can be more practical to sandbox these vulnerabilities rather than wait for upstream fixes.

We will dive into the concept of virtual patching—an approach to contain and prevent the exploitation of vulnerabilities at runtime without affecting application behaviour or deployment processes, thereby preventing downtime.

Session Highlights:

1. Addressing Future Vulnerabilities: Learn why static analysis and admission controls may fall short in protecting against new threats.
2. Virtual Patching: Understand how virtual patching can help contain vulnerabilities without impacting applications.
3. Live Demonstrations: Explore real-world examples using well-known vulnerabilities, such as Log4j, PwnKit, xz, and Leaky Vessels.
4. Kyverno and KubeArmor Integration: See how to use Kyverno to identify vulnerable workloads, leverage image vulnerability scanners, and create KubeArmor policies for applying virtual patches, ensuring robust security without operational disruption.

Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup.

In this session, we will explore comprehensive strategies and best practices for securing Kubernetes environments from start to finish. We’ll cover the critical components of enterprise security, from initial deployment configurations to ongoing threat detection and response. Attendees will gain insights into safeguarding Kubernetes clusters against potential vulnerabilities, ensuring robust protection and compliance across the entire infrastructure.

Whether you’re an experienced Kubernetes professional or just beginning your journey, this talk will provide the essential knowledge needed to maintain a secure and resilient enterprise ecosystem.

Session Highlights:

1. End-to-End Security: Learn how to secure Kubernetes environments, starting from deployment configurations to continuous monitoring.
2. Enterprise Security Essentials: Delve into critical components necessary for robust protection and compliance within enterprise Kubernetes clusters.
3. Proactive Threat Detection: Explore best practices for ongoing threat detection and response to maintain cluster security.
4. Actionable Insights: Gain practical guidance to build and maintain a secure, resilient Kubernetes ecosystem, regardless of your current expertise level.

Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup.

In this engaging breakout session, attendees will be split into groups and assigned to different rooms. Each group will tackle a series of exciting tasks designed to test creativity, collaboration, and problem-solving skills. Compete with your peers to complete the challenges with flair. The group that demonstrates the most innovative and effective solutions will be crowned the winners! Get ready to think outside the box and showcase your teamwork prowess. May the best team win! 🌟

Dive into our exciting quiz, where your session savvy could lead to victory! Test your knowledge, compete for glory, and have a blast! 🧠🏆

Dedicated time for attendees to munch, network, establish connections, and bond over shared interests.