Let’s Go Backstage: IDP Security for Platform Engineers

The presentation discusses the importance of shifting left in cybersecurity and how to implement it using the open-source platform, Backstage.

• Backstage is an open-source platform for creating a developer portal that is extensible through plugins.
• Plugins can be created for displaying data, adding logic, and expanding storage.
• Shifting left in cybersecurity is crucial to prevent misconfigurations and vulnerabilities in clusters.
• Backstage can be used to implement shifting left in cybersecurity by creating a plugin for scanning and fixing misconfigurations and vulnerabilities.
• An anecdote is shared about a company that successfully created a plugin for their open-source tool using Backstage.

During a hackathon, a company decided to create a plugin for their open-source tool using Backstage. They were able to complete the plugin and showcase it at a conference. The speaker encourages the audience to create their own plugins using Backstage to add value to their developer portal and implement shifting left in cybersecurity.

Backstage is gaining wide adoption for platform engineering teams looking to build internal development platforms. It does an excellent job of enabling dev teams to manage a well-known inventory from creating clusters to adding them to the inventory and even rescans. Backstage coupled with Kubescape can provide you with the end to end Kubernetes security coverage you need across your entire pipeline through a rich plugin ecosystem. All of these together enable you to scan your known inventory and cluster, have a better understanding of your security posture, and visualize the results in your customized Backstage dashboard. In this talk we’ll provide real code examples for how to DIY, and build a full open source and fully secure IDP.