The Cloud Native Chasm: Building a Secure High-Impact Project
- Cloud native projects require a guide to navigate the complex and massive landscape
- Security is often not added on day one and needs to be considered after understanding the project's goals and environment
- Building a secure high-impact project requires help and a security mindset from all contributors
- Projects need to plan for changing uses and new use cases that may reveal inherent weaknesses or invalid security assumptions
- Public discussion, clearly documented decisions, and well-defined roadmaps with clear outcomes are necessary for building and securing projects
- Participating in security reviews and assessments and joining security-focused groups can help reframe thinking and create more secure structures
In 2018, Josh Bressers said that even security people don't add security on day one. It's important to focus on the project's goals and environment before considering appropriate security mechanisms. Building a secure high-impact project requires help and a security mindset from all contributors. Projects need to plan for changing uses and new use cases that may reveal inherent weaknesses or invalid security assumptions. Public discussion, clearly documented decisions, and well-defined roadmaps with clear outcomes are necessary for building and securing projects. Participating in security reviews and assessments and joining security-focused groups can help reframe thinking and create more secure structures.
They jumped, they leapt, they soared - and graduated. Cloud native projects each have their own path for crossing the chasm. Some projects front load - they spend a lot of time going over every detail, building governance and technical strategy - while others run and jump, catching their breath on the other side to regain composure, build endurance, and continue moving forward. But some projects are still on the precipice, staring wistfully at the other edge, yearning to get there. There is no road to drive down, and no bridge to cross. In this talk, we’ll explore what it means to build that bridge, add side rails, and enable other projects to continue improving that bridge, bringing everyone forward together.