Creating Cloud Native Security

Cloud native security is constantly evolving to keep up with the changes in software management and architecture. The Security TAG is a community of passionate volunteers who guide the community on appropriate security mechanisms, architectures, design patterns, and tooling.

• Cloud native security is not new, but is under constant iteration and creation
• The Security TAG considers, analyzes, and guides the community on appropriate security mechanisms, architectures, design patterns, and tooling
• The Security TAG has undertaken several efforts with community impact such as the Supply Chain Security Paper, CNCF Project Security Reviews, Security Pals, and more
• Cloud native security creates disposable layers of credential providing protection from certain scales of attacks
• The Security TAG is changing the entire technology ecosystem

Cloud native security is like building a house with Lego blocks. Each block represents a layer of security, and if one block is compromised, it can be easily replaced without affecting the entire structure. This approach allows for scalable identity strategies and infrastructure that is constantly patched.

Cloud native security is not new, but is under constant iteration and creation. As cloud native innovation occurs, the Security TAG is lock-step in considering, analyzing, and guiding the community on the most appropriate security mechanisms, architectures, design patterns, and tooling. This presentation covers an introduction to the Security TAG, their charter and scope, and then deep dives on several efforts the TAG has undertaken (completed and in progress) with their community impact such as the Supply Chain Security Paper, CNCF Project Security Reviews, Security Pals, and so much more. This session is for anyone interested in cloud native, cloud native security, or wishes to understand how a community of passionate volunteers can change an entire technology ecosystem.