Keynote: It Takes a Community to Raise a Conference: From Security Day to CloudNativeSecurityCon

The presentation discusses the history and growth of CloudNativeSecurityCon, a conference focused on cloud native security. It highlights the challenges faced by the Security Technical Advisory Group (TAG) in defining security practices for cloud native technology stacks and the need for a platform to explore and drive content along these areas. The presentation also emphasizes the importance of community involvement in raising a successful conference.

• CloudNativeSecurityCon is a conference focused on cloud native security that grew out of Security Day, a one-day event proposed by Michael Ducey in 2019.
• The Security TAG was established to define security practices for cloud native technology stacks and fill the gap in security guidance, instruction, and tooling.
• The TAG faced challenges in defining security practices for cloud native technology stacks, including protecting workloads while ensuring usability and breaking down the complexity in audits.
• Cloud native security is a multi-objective, multi-constrained problem space that spans the entire software development life cycle.
• Community involvement is crucial in raising a successful conference.
• The conference has grown to hold seven events in Europe and North America, reaching thousands of practitioners online and in person.
• The conference has evolved to include workshops and tutorials to allow attendees to apply the theory of cloud native security into practice.

The presentation highlights the story of how CloudNativeSecurityCon grew out of Security Day, a one-day event proposed by Michael Ducey in 2019. The event was a huge success, and the program committee, along with other colleagues, were excited to hold another one and make it bigger and better. After performing a retrospective, the organizers received feedback from community members who wanted something more hands-on, such as workshops and tutorials, to apply the theory of cloud native security into practice. This led to the inclusion of workshops and tutorials in the conference, which has now grown to hold seven events in Europe and North America, reaching thousands of practitioners online and in person.

Our baby colo has grown up and ventured out on its own! How did this happen? They grow up so fast!  In less than 4 years we’ve held 7 events in Europe and North America — reaching thousands of practitioners online and in person.  All from a community member’s idea and the passionate volunteers that pulled together to make it real. Emily will share her experience coordinating Security Day - now grown into CloudNativeSecurityCon - and her aspirations for the future of this conference and cloud native security.