Loading…
Virtual Event
August 17–August 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please register here.

Please note: This schedule is automatically displayed in Central European Summer Time (CEST). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Tuesday, August 18 • 17:45 - 18:20
The Kubernetes Bug Bounty Program - What Researchers and Users Need to Know - Taahir Ahmed, Google & Reed Loden, HackerOne

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
In January, Kubernetes launched a bug bounty program (BBP), creating a centralized way for security researchers to report vulnerabilities they find in products in exchange for monetary rewards. Just as many organizations support open source by hiring developers, paying bug bounties directly supports security researchers. The Kubernetes BBP is particularly interesting as it’s still rare for a large scale, open-source infrastructure project to have a public BBP.

In this talk, we’ll cover what a BBP is and what it means for Kubernetes. We’ll cover vendor selection for the bug bounty, defining the scope and rewards, learnings from the private beta, and what you need to know as a researcher and user today. We’ll also reiterate how the Product Security Committee responds to new vulnerabilities, so you know what’s being done to keep clusters safe.
Speakers
avatar for Reed Loden

Reed Loden

VP of Security, Teleport
Reed Loden is the Vice President of Security at Teleport, a technology company that helps organizations securely access their infrastructure. He is an information security expert, researcher, hacker, and developer. Reed bring over 15+ years of security experience to his role at Teleport... Read More →
TA

Taahir Ahmed

Software Engineer, GKE Security, Google
Taahir Ahmed is a Software Engineer with the GKE Security team in Google Cloud. He is an active contributor to Kubernetes, as well as other open-source projects. Prior to his work on GKE, he worked on software and security certification at Amazon.

August 18 The Kubernetes Bug Bounty Program What Researchers and Users Need To Know pdf
Close Caption Transcript DYJG 9535 txt
Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259
  Security + Identity + Policy