Attending this event?
Virtual Event
August 17–August 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please register here.

Please note: This schedule is automatically displayed in Central European Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Thursday, August 20 • 13:00 - 13:35
Threat Modelling: Securing Kubernetes Infrastructure & Deployments - Rowan Baker, ControlPlane & Jonathan Meadows, Citibank

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Security teams are often the last to know about an installation of Kubernetes, and are frequently concerned by its adoption. They have every right to be: poorly architected clusters can easily become exposed to unexpected threats, compromised by hostile workloads, or impossible to maintain.

It doesn’t have to be this way! This talk details mechanisms for architecting Kubernetes securely in regulated organisations, and shares lessons learnt threat modelling with the CNCF Financial User Group including:

- How to use threat modelling to secure clusters and workloads

- Real-world examples of Kubernetes deployments, and multi-tenant security architectures from financial services

- Where to apply controls to layer defence in depth

- Using compliance standards to satisfy security teams

- How to integrate Kubernetes with a global SOC

- Gotchas, common threats, and advanced mitigations


Jonathan Meadows

Head of Cloud Cyber Security Engineering, Citibank
Jonathan Meadows (Head of Cloud Cyber Security Engineering at Citibank.  Jonathan has extensive software engineering experience in the financial services industry coupled with an in depth knowledge of cyber security.  He is a keen advocate of a DevSecOps culture with heavy use of... Read More →

Rowan Baker

Head of Security, ControlPlane
Rowan has extensive experience auditing, accrediting, and developing Kubernetes and containerised systems for high compliance commercial and public sector organisations. He is a contributor to the CNCF Financial Services User Group Kubernetes Threat Models, and is Head of Security... Read More →

Thursday August 20, 2020 13:00 - 13:35
Feedback form isn't open yet.