Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Kubernetes workloads are more frequently becoming the target of cyber attacks as threat actors become more aware of the inherent vulnerabilities of Kubernetes' larger attack surface. Firewalls have traditionally been used to block attacks, but if the perimeter is breached there's no protection from within the cluster. The conventional way to identify attacks is with an Intrusion Detection System, or IDS. However, the dynamic nature of Kubernetes requires a purpose-built Kubernetes-native IDS solution that can detect, alert, and block attacks.

A deep-dive interactive workshop with a Calico expert who will help you to design your next step in Kubernetes security. You will come away from this workshop with an understanding of how others in your industry are doing Kubernetes security and observability in AWS, Azure, GCP, and private cloud environments, and with best practices that you can implement in your own organization.

Due to the ephermeral, dynamic and highly distributed nature of Kubernetes deployments, they are vulnerable to cyber attacks. In this interactive workshop a Kubernetes security expert will help you design how to protect Kubernetes environments from cyber threats.

Due to the ephermeral, dynamic and highly distributed nature of Kubernetes deployments, they are vulnerable to cyber attacks. In this interactive workshop a Kubernetes security expert will help you design how to protect Kubernetes environments from cyber threats. This 90-minute hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on how to implement.

Over the years building Calico, we have gotten to see the Kubernetes user journey for various organizations. We have seen many users focus on getting their workloads deployed in Kubernetes without thinking through their security or observability strategy, and then struggle as they try to understand how to secure and observe such a complex distributed system.

Increased adoption of containers and cloud platforms has resulted in a proliferation of new security risks. The dynamic nature of Kubernetes can create challenges for organizations with PCI-DSS regulatory compliance requirements. To compound this challenge, developers and site reliability engineers are now being asked to secure the services they own despite having little prior experience or training in security best practices.

In this EKS-focused workshop for Kubernetes security and observability, you will work with a Calico and AWS expert to learn how to design, deploy, and observe security and networking policies in an EKS environment. This 90-minute hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge.

In this enterprise compliance focussed workshop for Kubernetes, you will work with a Calico subject matter expert to learn how to design, deploy, and observe security and networking policies to ensure compliance in your Kubernetes environment. This 90-minute hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on how to implement.

SOC 2 compliance is a component of the American Institute of CPAs (AICPA)'s Service Organization Control reporting platform, whose goal is to ensure that systems are enabled to support the five trust service principles: security, availability, processing integrity, confidentiality, and privacy of customer data. The SOC 2 auditing procedure is specifically designed for service providers storing customer data in the cloud. That means SOC 2 applies to nearly every SaaS company, as well as any organization that uses the cloud to store its customers' information. For security-conscious businesses handling sensitive customer data, SOC 2 compliance is a minimal requirement when considering a SaaS provider.

Denial of service (DoS) attacks in Kubernetes can bring down containers, pods, nodes, or entire clusters. This type of attack can cause all pods running on a node to be kicked out, resulting in nodes being unavailable. In this session, you will learn about DoS attack mitigation using Calico XDP (eXpress Data Path). The session will focus on: You will come away with an understanding of Calico XDP and how to use it effectively to protect against DoS attacks.