Conference:  KubeCon + CloudNativeCon Europe 2023

Authors: Marina Moore

2023-04-19

The presentation is about the structure and schedule of a security conference, including unconference sessions, CTF, and hallway track.

• Unconference sessions are held in the afternoons and have different blocks for different topics
• CTF is on Thursday and has a fun theme
• Hallway track is an open space for spontaneous discussion
• The event was made possible by the tax security team and volunteers
• The presentation aims to start a conversation about security

Conference:  KubeCon + CloudNativeCon North America 2022

Authors: Naadir Jeewa, Pushkar Joglekar

2022-10-26

How does a Raccoon and a bunch of Turtles find common ground? Answer: You find a Goose who makes space where both feel welcome. In this session, Pushkar Joglekar and Naadir Jeewa will talk about how a multi-year collaboration where Kubernetes SIG Cluster Lifecycle, SIG Security & TAG Security came together to write the first community driven self-assessment of a Kubernetes sub-project: Cluster API. The session will cover how it all started from the basics with data flow diagrams to understand the internals of the project, then using that to model threats and assess next steps. Next, they will discuss challenges faced doing this exercise with folks around the globe (5 countries), limited maintainer time, doing our best to avoid zoom fatigue while trying and at times failing to be async first. Finally they will talk about what is happening with the findings from this exercise and how they plan to apply the lessons learnt from this exercise to future self-assessments across all Kubernetes sub-projects. Come for the stories from the animal kingdom; Stay for the real stories of humans bringing their best self to break some new ground in the form of community driven security improvements!