Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Conference

DevSecOps Road Trip UK stop - Andrew Martin & Lili Kastilio

Sep 13, 2021 By Snyk In Snyk
Session 1: Threat Modelling Kubernetes Cloud native container and Kubernetes systems bring new threats and risks to our precious workloads. As cloud technologies undergo rapid innovation and new tools and techniques emerge, security can get left behind. The answer to this conveyor-belt of potential insecurity? Threat modelling!
View Video

Are We Forever Doomed By Software Supply Chain Risks? Cyber Week Israel 2021, Liran Tal

Aug 1, 2021 By Snyk In Snyk
The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.
View Video

Deep-dive into Open Policy Agent + Conftest + GateKeeper - Shimon Tolts & Noaa Barki

Jul 21, 2021 By JFrog In JFrog
Yalla! DevOps 2021 -- The first, in-person DevOps conference of the year! Driven by the DevOps community. All about the DevOps community. Deep-dive into Open Policy Agent + Conftest + GateKeeper: Kubernetes Policy in action In this session, we will do a deep-dive session into: Open Policy Agent, Conftest, and GateKeeper. We will show real-life use cases of how to use those technologies in production in order to configure and enforce a centralized policy for Kubernetes Shimon and Noaa will present both sides of the dev stack, DevOps and Developers.
View Video

Threats targeting Kubernetes and Defences

Jun 11, 2021 By Tigera In Tigera
Attackers are continuously evolving their techniques to target Kubernetes. They are actively using Kubernetes and Docker functionality in addition to traditional attack surfaces to compromise, gain required privileges and add a backdoor entry to the clusters. A combination of Kubernetes security and observability tools is required to ensure the cloud infrastructure monitoring and lockdown and to enable DevSecOps teams with the right tools for the job.
View Video

Securing Kubernetes workloads at Discover Financial Services

Jun 11, 2021 By Tigera In Tigera
It’s a daunting task starting down the path to securing your workloads running on Kubernetes in the Cloud. There are no shortages of vendors with great tools in the Cloud security space. There is a multitude of domains that must be accounted for, along with internal challenges in bringing an organization along into new ways of thinking. This talk will focus on Discover’s Cloud security journey, with an overview of how the program has evolved over the last 4 years, key capabilities & concepts that have been embraced and challenges faced.
View Video

The Crossroad of Security & Observability in Kubernetes: A Fireside Chat

Jun 11, 2021 By Tigera In Tigera
Security as an afterthought is no longer an option and must be deeply embedded in the design and implementation of the products that will be running in the cloud. It is increasingly more critical for many security teams to be almost, if not equally, knowledgeable of the emerging and rapidly evolving technology. Join Manish Sampat from Tigera, as explores the topic in detail with Stan Lee from Paypal.
View Video

Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis

Jun 11, 2021 By Tigera In Tigera
Compliance automation is a commonly overlooked area of Kubernetes observability. The question is: how do you automate compliance to a security framework that isn’t well understood by DevSecOps teams to begin with? This lack of understanding contributes to mismanaged compliance efforts and in a worst-case scenario, audit exposures and organizational risk. This talk will walk through an example of how to 1) map compliance controls to specific Kubernetes technical configuration 2) automate the assessment of those controls 3) visualize the assessment results. DevSecOps teams will better understand how to incorporate compliance automation alongside security automation.
View Video

Building secure and observable Kubernetes platforms for scaled software delivery

Jun 11, 2021 By Tigera In Tigera
"Companies of various sizes are building their applications on Kubernetes because it provides significant operational benefits like autoscaling, self-healing, extensibility, and declarative deployment style. However, the operational benefits are only a starting point down the path of building a secure and observable platform that enables the continuous delivery of application workloads. This session shows how to build a fully operational platform, leveraging platform-oriented building blocks to address network security and observability.
View Video
Subscribe to Conference

Copyright © 2024 OpsMatters™. All rights reserved.