KubeCon + CloudNativeCon Europe 2020 - Virtual
Virtual Event
August 17–August 20, 2020

This schedule is displayed in Central European Summer Time (CEST) and is subject to change.
Security + Identity + Policy
Tuesday, August 18
 

13:00 CEST

How This Innocent Image Had a Party in My Cluster - Amir Jerbi & Itay Shakury, Aqua Security
As security practices and tools for scanning container images are becoming increasingly popular, malicious actors are introducing sophisticated techniques to obfuscate their intent and evade scanning tools. The malware they plant cannot be detected using static analysis, or based on signatures. But dynamic analysis that runs the image, and then traces the activity of the running container can detect and document the entire multi-stage attack.

In this talk, we will review the evolution of these attacks as observed by Aqua’s security research team, and demonstrate the full chain of events and IoCs (indicators of compromise) that were detected. We will give practical advice on what developers and cluster admins should do to detect similar techniques, and on the security controls that should be employed to reduce the chances of such an attack succeeding, as well as to reduce its potential impact.

Speakers

Itay Shakury
VP Open Source, Aqua Security
Itay Shakury is the VP of Open Source at Aqua Security, where he leads engineering for open source, cloud native security solutions. Itay has some 20 years of professional experience in various software development, architecture and product management roles. Itay is also a CNCF Cloud...

Amir Jerbi
Co-founder and CTO, Aqua Security
Amir is the co-founder and CTO of Aqua Security, which he started 4 years ago. Before joining Aqua, he was the Chief Architect at CA Technologies and has 14 cloud and virtual security related patents and published papers. Amir is the co-organizer of the Tel Aviv Cloud Native Computing...

Tuesday August 18, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

13:45 CEST

OpenID Connect as SSO Solution: Strengths and Weaknesses - Álvaro Iradier, Sysdig
OpenID Connect (OIDC), an identity layer on top of the OAuth2 protocol, makes user login easier and allows for a seamless SSO experience between multiple tools and services by delegating authentication to a trusted Identity Provider (Authorization Server). The concept is quite appealing at first sight. But differing implementations and a lack of agreement, both on the client applications and on the Authorization Servers, can ruin your trip.

In this talk we will explain the basic concepts of OIDC, how it works, how it compares to other federated authentication systems like SAML, and some integration examples like Harbor or Kubernetes. Then we will talk about some common issues that are still rough edges, like user onboarding and role and group management. Finally, we will see how we can make some non-OIDC-aware applications work with OIDC by delegating authentication to an Nginx proxy.

Speakers

Álvaro Iradier
Solutions Engineer, Sysdig
Álvaro is a solutions engineer at Sysdig. Before that, he worked in an IoT and financial micro-transactions company for 11 years as a Ninja developer. Then, he discovered he had been doing the fuzzy concept of DevOps when Adidas hired him for CI/CD support and platform engineering...

Tuesday August 18, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

14:30 CEST

Handling Container Vulnerabilities with Open Policy Agent - Teppei Fukuda, Aqua Security
A vulnerability scanner for containers doesn’t help a user decide how to handle vulnerabilities. For example, even if a critical vulnerability is found, some organizations may accept the risk of it. The policy for vulnerability handling depends on the organization, and in many cases, the person in charge has to make a manual judgement based on this policy every time. This is time-consuming.

This talk demonstrates how to automatically handle vulnerabilities detected by a scanner using OPA.
- The vulnerabilities found by a scanner in CI are handled automatically by Open Policy Agent
- Applying custom policy, OPA shows users which vulnerabilities to address

This automatic vulnerability handling in CI will be demonstrated live, along with Trivy, which is an open source vulnerability scanner for containers. The same policy handling model could be used with any scanner.

Speakers

Teppei Fukuda
Open Source Software Engineer, Aqua Security
Teppei Fukuda is a developer of Trivy and a maintainer of Vuls. He works at Aqua Security as an Open Source Software engineer. He has a wealth of software engineering experience working on network and security. Away from work, he loves Manga. He dreams of reading all the comics...

Tuesday August 18, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

17:45 CEST

The Kubernetes Bug Bounty Program - What Researchers and Users Need to Know - Taahir Ahmed, Google & Reed Loden, HackerOne
In January, Kubernetes launched a bug bounty program (BBP), creating a centralized way for security researchers to report vulnerabilities they find in products in exchange for monetary rewards. Just as many organizations support open source by hiring developers, paying bug bounties directly supports security researchers. The Kubernetes BBP is particularly interesting as it’s still rare for a large scale, open-source infrastructure project to have a public BBP.

In this talk, we’ll cover what a BBP is and what it means for Kubernetes. We’ll cover vendor selection for the bug bounty, defining the scope and rewards, learnings from the private beta, and what you need to know as a researcher and user today. We’ll also reiterate how the Product Security Committee responds to new vulnerabilities, so you know what’s being done to keep clusters safe.

Speakers

Reed Loden
VP of Security, Teleport
Reed Loden is the Vice President of Security at Teleport, a technology company that helps organizations securely access their infrastructure. He is an information security expert, researcher, hacker, and developer. Reed brings over 15+ years of security experience to his role at Teleport...

Taahir Ahmed
Software Engineer, GKE Security, Google
Taahir Ahmed is a Software Engineer with the GKE Security team in Google Cloud. He is an active contributor to Kubernetes, as well as other open-source projects. Prior to his work on GKE, he worked on software and security certification at Amazon.

Tuesday August 18, 2020 17:45 - 18:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

18:30 CEST

Hey, Did You Hear About This New CVE? - A Vulnerability Response Playbook - Andrew Lytvynov, Independent & Alexandr Tcherniakhovski, Google
Kubernetes provides a lot of great ways to harden the security of your infrastructure. But no matter how much you have it locked down, things will inevitably go wrong. Hope is not a strategy, so you need a contingency plan.

In this prescriptive talk, you will learn how to prepare for complex vulnerabilities (like the Intel speculative execution or Go HTTP/2 DoS vulnerabilities), mitigate them and clean up afterwards. We’ll share our experiences with the GKE fleet, dealing with newly announced vulnerabilities, and lessons learned balancing both security and reliability of workloads.

You will learn how to develop a response playbook for vulnerabilities. You will also learn about the tools that Kubernetes provides to help make your vulnerability response less hectic, such as audit logs, network policies and RBAC.

This talk will not cover live attacks (attackers in your infrastructure).

Speakers

Alexandr Tcherniakhovski
Engineer, Google
Alex is a Security Engineer at Google, working on the Kubernetes Engine Security team. Alex focuses on the encryption at rest features of Kubernetes and is also an owner of the encryption at rest feature in Kubernetes. Before Google, Alex worked at Microsoft in various security roles. Outside...

Andrew Lytvynov
Software Engineer, Independent

Tuesday August 18, 2020 18:30 - 19:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259
 
Wednesday, August 19
 

13:00 CEST

Where Are Your Images Running? Stop Worrying and Start Encrypting! - Brandon Lum & Harshal Patil, IBM
Container image signing has made it possible for cluster operators to cryptographically verify that images are trusted. However, the same cannot be said of whether the nodes that run these images are trusted to view and use the contents of these images. This can be particularly important if compliance requires knowledge of WHERE a container image is running.

In this talk, we will show how DevOps, trust bootstrapping, and key management, in conjunction with container image encryption can achieve geofencing of execution. We will demo the new encrypted container images worker node model in containerd and cri-o working in such a context. In addition, we will explore how to bootstrap node trust, from simple setups to advanced key distribution using HW Root of Trust/TPM technologies like Keylime.

At the end, one should be able to “create an image that is only usable by clusters in the EU region”.

Speakers

Harshal Patil
Advisory Systems Software Engineer, IBM
Harshal is an Open Source developer working on Kubernetes and Runtimes. At IBM Power Systems, he designs and implements container architectures focused on security that take advantage of Power's unique hardware features. In the container ecosystem, Harshal’s contributions span from...

Brandon Lum
Senior Software Engineer, IBM
Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). He enjoys tackling both technical and business challenges and has a side interest in organizational behavior and leadership. At IBM Research...

Wednesday August 19, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

13:45 CEST

In a Container, Nobody Hears Your Screams: Next Generation Process Isolation - Andrew Martin, ControlPlane
Is it ever safe to run untrusted code in containers? Should process isolation keep workloads in, or attackers out? What would it take to run a malware test lab in Kubernetes?

With fast startup times and consistent execution environments containers beat traditionally slow, monolithic VMs -- but with the advancement of micro VMs the boundaries have become blurred. It is increasingly difficult to know which isolation technology to choose for our next application. Can we run different workloads in different “container” types -- on the same cluster?

In this talk we:
- examine the history of trying to safely run unsafe processes
- compare and contrast the emerging generation of process isolation and security techniques
- rationalise the design decisions that drive each project
- demo how to break in, out, and learn about what workloads are best suited to run in each technology

Speakers

Andrew Martin
CEO, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is at his happiest profiling and securing every tier of a cloud native system, and has battle-hardened experience...

Wednesday August 19, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

14:30 CEST

Securing Your Healthcare Data with OPA - Martin Pratt, Medudoc & Ash Narkar, Styra
In this talk, we will describe our “Shift Left” approach to security by using OPA to codify and enforce policies across our microservice architecture.

We will focus on the design of our OPA-driven application development process, which allows us to define custom security policies using OPA and enforce them by injecting an Envoy sidecar into our apps. The result is policy-enabled apps that provide least-privilege access to the PHI and PII data of our users.

In our demo we will show real-world examples of how we restrict access to sensitive data as well as how we control inbound and outbound traffic from our apps.

Speakers

Martin Pratt
CTO, Medudoc
Martin is the Technical Director for Platform at Ada Health. Martin has a degree in Human Computer Interaction, and has spent the last 13 years working in the technology sector in a wide range of roles, from product design & engineering through to system and organizational design...

Ash Narkar
Software Engineer, Styra
Ash Narkar is a maintainer of the Open Policy Agent project. Ash has over 5 years of experience working on large-scale distributed systems. Ash is a Senior Software Engineer at Styra, Inc. working on OPA development and integrations. Previously he was a Principal Engineer at Verizon...

Wednesday August 19, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

16:55 CEST

Seccomp Security Profiles and You: A Practical Guide - Duffie Cooley, VMware
Have you wondered what a seccomp security profile is, and how it relates to Linux Capabilities?

Folks often dismiss seccomp profiles and Capabilities as a way of hardening applications because it is too difficult to determine which syscalls a given application uses.

In this session we will explore a couple of tools designed to make this more approachable.

Dockersl.im is an open source project that can take a Dockerfile and an image and produce a smaller image containing only the necessary bits, along with a seccomp security profile derived from the system calls the application made while under test.

Inspektor Gadget is an open source project by the folks at Kinvolk that uses BPF to inspect a number of things about deployed pods, providing better visibility into what pods are accessing from a syscall and filesystem perspective.

Come learn about these super powers!

Speakers

Duffie Cooley
Duffie Cooley, VMware
Duffie is a Staff Cloud Native Architect at VMware focused on helping enterprises find success with technologies like Kubernetes. Duffie has been working with all things virtualization and networking for 20 years and remembers most of it. He likes to present on topics ranging from...

Wednesday August 19, 2020 16:55 - 17:30 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

17:40 CEST

Making Compliance Cloud Native - Ann Wallace & Zeal Somani, Google
If you’re in a highly-regulated industry, you likely have compliance requirements which make it challenging to adopt containers. Traditional compliance frameworks such as PCI and ISO 27001 were written for traditional architectures and have not yet adapted to cloud-native technologies.

We’ll first discuss misconceptions that auditors believe about cloud-native technologies and architectures. Then, we will demonstrate how to meet compliance requirements – like segmentation, encryption, supply chain management, and monitoring – in a containerized environment, using our OSS K8S compliance starter kit. Lastly, we will share techniques for communicating these learnings with audit and compliance officers.

Attendees will come away from this talk with knowledge of how technologies like Kubernetes can actually make compliance easier, and how to shift security and compliance requirements left.

Speakers

Ann Wallace
Chief Adventure Officer, Girls Gone Wildwood
When not working, Ann can be found traveling and ultra-trail running with her dog Cedar.

Zeal Somani
GRC Lead, JupiterOne
Zeal has 10+ years of experience in security, compliance and open source. She is well versed in infrastructure, automation, security and compliance for frameworks like PCI DSS, NIST 800-53, ISO 27001, FedRAMP, HITRUST, and privacy regulations such as HIPAA, GDPR, CCPA - both as an...

Wednesday August 19, 2020 17:40 - 18:15 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259
 
Thursday, August 20
 

13:00 CEST

Threat Modelling: Securing Kubernetes Infrastructure & Deployments - Rowan Baker, ControlPlane
Security teams are often the last to know about an installation of Kubernetes, and are frequently concerned by its adoption. They have every right to be: poorly architected clusters can easily become exposed to unexpected threats, compromised by hostile workloads, or impossible to maintain.

It doesn’t have to be this way! This talk details mechanisms for architecting Kubernetes securely in regulated organisations, and shares lessons learnt threat modelling with the CNCF Financial User Group including:

- How to use threat modelling to secure clusters and workloads

- Real-world examples of Kubernetes deployments, and multi-tenant security architectures from financial services

- Where to apply controls to layer defence in depth

- Using compliance standards to satisfy security teams

- How to integrate Kubernetes with a global SOC

- Gotchas, common threats, and advanced mitigations

Speakers

Rowan Baker
Head of Security, ControlPlane
Rowan has extensive experience auditing, accrediting, and developing Kubernetes and containerised systems for high compliance commercial and public sector organisations. He is an author of the GKE CIS Benchmark, contributor to the CNCF Financial Services User Group Kubernetes Threat...

Thursday August 20, 2020 13:00 - 13:35 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

13:45 CEST

Network Isolation For 1500 Microservices - Jack Kleeman
Network policies can be difficult to manage at scale while maintaining granular controls, and migrating an existing cluster is particularly challenging. In this presentation, Jack Kleeman will explain the problems that his team solved to be able to write, maintain, test, and enforce network policies for an existing self-managed Kubernetes cluster with 1500 highly connected Go microservices.

Speakers

Jack Kleeman
Security Engineer
Jack Kleeman leads infrastructure security projects, with a focus on Kubernetes, Envoy, Calico and Vault, and contributes to all four. His major concerns are secret management, certificate distribution, network isolation, and database authentication.

Thursday August 20, 2020 13:45 - 14:20 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

14:30 CEST

Uncharted Territories: Discovering Vulnerabilities in Public Helm Charts - Hayley Denbraver, Snyk
CNCF projects are making investments in security (including the recently open sourced security audits of both Kubernetes and Helm). Helm is an interesting case study because both the security of Helm as a tool and the security of Helm Charts are important considerations for users. What do we know about the security of individual Helm Charts, what can we find out, and how does that change how we approach the project? All these questions and more will be addressed as we plot a course to Helm Chart security.

Speakers

Hayley Denbraver
Developer Advocate
Hayley has a background in Python, developer advocacy, and security. When not hacking, she takes her Labrador on hikes in her home of Seattle, Washington.

Thursday August 20, 2020 14:30 - 15:05 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

17:20 CEST

The Common Configuration Scoring System for Kubernetes Security - Julien Sobrier, Octarine
The Common Vulnerability Scoring System (CVSS) is widely used to score vulnerabilities found in Docker images. But how do you score the risk level of an entire workload, with its runtime configurations, network configurations, Pod Security Policy, privileges and capabilities added, etc.?

Julien will explore the Kubernetes Common Configuration Scoring System (KCCSS), an open-source framework to calculate risk scores for Kubernetes workloads, and kube-scan, an open-source scanner that implements the KCCSS. Based on CVSS, it categorizes the risks associated with each runtime setting while considering how settings affect one another, and offers a global risk score for each workload—not just for individual settings. Attendees will learn how the KCCSS works, how it’s being used by end users for DevSecOps, and best practices for bulletproofing their own K8s applications.

Speakers

Julien Sobrier
Product Line Manager, VMware
Julien Sobrier has spent 15+ years in the Security industry, as a Security Researcher at Netscreen/Juniper and Zscaler, then Product Manager at Zscaler, Salesforce and now Octarine (Kubernetes Security). He has co-authored Power Security Tools (O'Reilly) and released many browser...

Thursday August 20, 2020 17:20 - 17:55 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

18:05 CEST

Using Kubernetes Secrets in GitOps Workflows Securely - Seth Vargo & Alex Tcherniakhovski, Google
Adopting GitOps for Kubernetes provides a single source of truth for cluster configuration and enables facilities like peer reviews and automated rollbacks. While many organizations store their Kubernetes configurations in git, Kubernetes Secrets are often managed via bespoke implementations outside of source control. Storing plaintext secrets in source, even in private repositories, is a horrible idea, but can we meet somewhere in the middle? In this session, attendees will learn how to securely store and manage Kubernetes Secrets in source control using JavaScript Object Signing and Encryption (JOSE) and a Key Management Service (KMS). After this talk, attendees will be able to securely store and manage their Kubernetes Secrets in source the same way they manage their existing Kubernetes configurations.

Speakers

Seth Vargo
Engineer, Google
Seth Vargo is an engineer at Google Cloud. Previously he worked at HashiCorp, Chef Software, CustomInk, and some Pittsburgh-based startups. He is the author of Learning Chef and is passionate about reducing inequality in technology. When he is not writing, working on open source...

Alexandr Tcherniakhovski
Engineer, Google
Alex is a Security Engineer at Google, working on the Kubernetes Engine Security team. Alex focuses on the encryption at rest features of Kubernetes and is also an owner of the encryption at rest feature in Kubernetes. Before Google, Alex worked at Microsoft in various security roles. Outside...

Thursday August 20, 2020 18:05 - 18:40 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259

18:50 CEST

Advanced Persistence Threats: The Future of Kubernetes Attacks - Ian Coldwater, Heroku & Brad Geesaman, Brad Geesaman Consulting
What would happen if your cluster was successfully compromised by an attacker who understands Kubernetes at a deep level? How could they attempt to avoid detection, cover their tracks, achieve full cluster access, obtain persistence, steal credentials, and launch additional attacks in your environment? As Kubernetes grows in popularity, the sophistication of attackers will improve, and security by obscurity will no longer be sufficient. Cluster operators need to be aware of what a skilled and knowledgeable attacker can be capable of.

Let’s explore the dark corners of clusters and shine a light on how features such as ephemeral containers and validating webhooks can be used to maliciously mutate pods, exfiltrate data, deploy “shadow” control planes, and more. The audience will learn how to detect these advanced approaches and how to prevent these attacks using practical, proven methods.

Speakers

Brad Geesaman
Staff Security Engineer, Ghost Security
Brad Geesaman is a Staff Security Engineer at Ghost Security and focuses on researching and building cloud-native systems with a security practitioner's mindset. When he’s not hacking on containerized environments, he enjoys spending time with his family in Virginia, eating Mexican...

Ian Coldwater
Security Researcher, Independent
Ian Coldwater is co-chair of Kubernetes SIG Security, a longtime community organizer, and a security researcher specializing in hacking and hardening Kubernetes, containers, and cloud native infrastructure. When they're not busy making good trouble, they like to read all the docs...

Thursday August 20, 2020 18:50 - 19:25 CEST
InXpo https://onlinexperiences.com/Launch/Event.htm?ShowKey99259