
2022-10-24 ~ 2022-10-25

Presentations (with video): 37 (30)

CloudNativeSecurityCon is a two-day event designed to foster collaboration, discussion and knowledge sharing of cloud native security projects and how to best use these to address security challenges and opportunities. The goal is not just to propose solutions that incrementally improve what has come before, but to give room to breakthrough technology and advances in modern security approaches. Topics of sessions and lightning talks presented by expert practitioners include architecture and policy, secure software development, supply chain security, identity and access, forensics, and more.


Authors: Loris Degioanni
2022-10-25

tldr - powered by Generative AI

The presentation discusses why code repositories need runtime protection and how to detect and respond to threats against them using CNCF's Falco.
  • Code repositories are a prime target and face several categories of threat: secrets pushed into commits, GitHub Actions workflows that run cryptominers, and a private repository mistakenly made public.
  • Falco is a runtime security tool that traditionally protects containers and pods in Kubernetes; a GitHub plugin now extends the same real-time detection to GitHub repositories.
  • Falco captures signals such as system calls from the hosts and Kubernetes nodes it runs on, evaluates them against rules, and emits an alert when a rule matches.
  • Falco's rule engine is simple and customizable, so users can add their own rules for the threats that matter to them.
  • Falco is free and open source and can help secure code repositories as well as workloads.
  • The presenter invites attendees to a Falco party and a session with Falco developers to learn more about the tool.
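As an added illustration (not the slides' content and not the plugin's shipped ruleset), the rules file below shows what Falco rules for the three threat categories above look like when the GitHub plugin is the event source, plus one custom rule built from a Falco list. The `github.*` field names follow the plugin's published field list as I recall it and are assumptions to verify against the plugin version you install (`falco --list` prints the fields each loaded source exposes); the `release_team` user names are placeholders.

```yaml
# Added example: Falco rules for the GitHub plugin. Field names (github.*)
# are assumed from the plugin's field list; check them against your version.
- rule: Secret pushed to a public repository
  desc: A push contains something that looks like a credential in a public repository
  condition: github.type=push and github.diff.has_secrets=true and github.repo.public=true
  output: Secret pushed to public repository (repo=%github.repo user=%github.user secret_types=%github.diff.secret_types files=%github.diff.secret_files)
  priority: CRITICAL
  source: github
  tags: [github, secrets]

- rule: Workflow runs a cryptominer
  desc: A GitHub Actions workflow run references a known mining binary or pool
  condition: github.type=workflow_run and github.workflow.has_miners=true
  output: GitHub Actions workflow executed a cryptominer (repo=%github.repo user=%github.user workflow=%github.workflow.filename miners=%github.workflow.miners)
  priority: CRITICAL
  source: github
  tags: [github, actions]

- rule: Private repository made public
  desc: Repository visibility changed from private to public, exposing its history and anything committed to it
  condition: github.type=repository and github.action=publicized
  output: Repository visibility changed to public (repo=%github.repo user=%github.user)
  priority: CRITICAL
  source: github
  tags: [github, exposure]

# Custom rule in the same style, reusing only the fields above: a push to a
# public repository by anyone outside an allow-list. Names are placeholders.
- list: release_team
  items: [alice, bob]

- rule: Push to public repository by non-release user
  desc: Someone outside the release team pushed to a public repository
  condition: github.type=push and github.repo.public=true and not github.user in (release_team)
  output: Push to public repository by non-release user (repo=%github.repo user=%github.user)
  priority: WARNING
  source: github
  tags: [github, custom]
```

Each rule sets `source: github` so Falco evaluates it against plugin events rather than system calls; the same `condition`/`output`/`priority` structure is what the talk means by a simple, customizable rule engine.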
Authors: Stephen Giguere
2022-10-25

tldr - powered by Generative AI

The presentation discusses the security challenges faced by open source projects and GitOps workflows, particularly around GitHub Actions. The speaker demonstrates how GitHub Actions workflows can be abused and highlights the best practices that protect against such attacks.
  • Open source projects and GitOps workflows are exposed to security threats
  • GitHub Actions workflows can be abused by malicious actors to gain access to sensitive information such as the secrets and tokens a workflow can reach
  • Best practices such as environment protection rules and short-lived tokens help protect against these attacks
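To make the two best practices concrete, here is an added example (mine, not the speaker's demo) of one well-known abuse pattern beside a hardened workflow. The weak workflow runs untrusted pull-request code in a privileged context; the hardened one gives pull requests a read-only token and no secrets, puts the deploy job behind a GitHub environment whose protection rules (required reviewers, branch restrictions) are configured in repository settings, and obtains a short-lived cloud credential through OIDC instead of storing a long-lived key. The role ARN, `NPM_TOKEN`, and `deploy.sh` are placeholders.

```yaml
# Added example: weak workflow. pull_request_target runs in the base
# repository's context (secrets available, GITHUB_TOKEN writable by default)
# and then checks out and executes the attacker-controlled PR head.
name: ci-weak
on: pull_request_target
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # untrusted code
      - run: npm ci && npm test   # package.json scripts from the PR run here
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}   # placeholder secret, now readable by the PR's scripts
---
# Added example: hardened workflow.
name: ci-hardened
on:
  pull_request:            # fork PRs get a read-only GITHUB_TOKEN and no secrets
  push:
    branches: [main]
permissions:
  contents: read           # default-deny; each job raises only what it needs
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test
  deploy:
    if: github.event_name == 'push'
    needs: test
    runs-on: ubuntu-latest
    environment: production   # protection rules gate this job and its environment secrets
    permissions:
      contents: read
      id-token: write         # lets the job request a short-lived OIDC token
    steps:
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::123456789012:role/example-deploy   # placeholder
          aws-region: us-east-1
      - run: ./deploy.sh   # placeholder deploy step, runs with temporary credentials only
```

With the hardened layout a malicious pull request can still run code, but only with a read-only token and without any secret in its environment; deployment credentials exist only for the reviewed, main-branch job and expire with it.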
Authors: Mritunjay Sharma, Shuting Zhao, Ruhika Bulani
2022-10-25

tldr - powered by Generative AI

The panel discussion focuses on how Kyverno and DockerSlim complement each other in making Kubernetes workloads more secure.
  • Containers have become the norm as cloud adoption increases sharply.
  • Developers face challenges in making containers production-ready and secure.
  • Kyverno and DockerSlim are two projects that address these challenges.
  • Kyverno provides policies that act as a contract for shared environments such as Kubernetes clusters.
  • DockerSlim minifies container images and automates the creation of AppArmor and seccomp profiles for them.
  • Combining the two makes cluster security management easier and more efficient.
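An added example of the combination (mine, not the panel's material): a Kyverno ClusterPolicy that requires every container to declare a seccomp profile and restricts AppArmor annotations to `runtime/default` or a named local profile, followed by a Pod that satisfies it using the profiles a DockerSlim build produced for the minified image. The image name and profile names are placeholders; the seccomp JSON has to be copied to the kubelet seccomp root on each node (`/var/lib/kubelet/seccomp` by default) before the Pod can reference it.

```yaml
# Added example: Kyverno policy enforcing DockerSlim-style hardening.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: require-hardened-runtime-profiles
spec:
  validationFailureAction: Enforce   # start with Audit to see what would be rejected
  background: true
  rules:
    - name: require-seccomp-profile
      match:
        any:
          - resources:
              kinds: [Pod]
      validate:
        message: "Every container must set securityContext.seccompProfile.type to RuntimeDefault or Localhost."
        pattern:
          spec:
            =(initContainers):          # only checked if initContainers exist
              - securityContext:
                  seccompProfile:
                    type: "RuntimeDefault | Localhost"
            containers:                 # required for every container
              - securityContext:
                  seccompProfile:
                    type: "RuntimeDefault | Localhost"
    - name: restrict-apparmor-profile
      match:
        any:
          - resources:
              kinds: [Pod]
      validate:
        message: "AppArmor annotations may only reference runtime/default or a localhost/ profile."
        pattern:
          metadata:
            =(annotations):
              =(container.apparmor.security.beta.kubernetes.io/*): "runtime/default | localhost/*"
---
# Added example: a Pod that passes the policy using DockerSlim-generated
# profiles (names assumed). The AppArmor profile must be loaded on the node.
apiVersion: v1
kind: Pod
metadata:
  name: web
  annotations:
    container.apparmor.security.beta.kubernetes.io/web: localhost/web-slim-apparmor
spec:
  containers:
    - name: web
      image: registry.example.com/web.slim:1.0   # minified image, placeholder
      securityContext:
        seccompProfile:
          type: Localhost
          localhostProfile: profiles/web-slim-seccomp.json   # relative to the kubelet seccomp root
        allowPrivilegeEscalation: false
```

In Kyverno's pattern syntax a key wrapped in `=( )` is only validated when present, so the AppArmor rule restricts what an annotation may say without forcing every Pod to carry one, while the bare `containers` entry makes the seccomp field mandatory. The policy is the contract; DockerSlim supplies the profiles that let a workload meet it.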
Authors: Pratik Lotia
2022-10-25

Authors: Jimmy Mesta
2022-10-25

tldr - powered by Generative AI

The OWASP Top Ten for Kubernetes is a community-curated list of the most common Kubernetes risks, backed by data collected from organizations of varying maturity and complexity. The project aims to help practitioners assess and improve the security of their containerized infrastructure.
  • The OWASP community has published a number of projects to help practitioners assess and improve the security of containerized infrastructure
  • The Kubernetes Top Ten is community-curated and ranks the most common Kubernetes risks
  • The ranking is backed by data collected from organizations of varying maturity and complexity
  • The list is meant as a practical aid for assessing and securing a cluster rather than an exhaustive catalogue
Authors: Steve Wade
2022-10-25

tldr - powered by Generative AI

The presentation discusses the importance of an asset inventory for Kubernetes clusters and the need to stay current with CVEs and with Kubernetes API changes. It also stresses the networking and security boundaries of managed offerings such as EKS, GKE, and AKS.
  • An asset inventory is crucial for knowing what is running in a cluster and which API versions it depends on, so that CVEs and API deprecations can be acted on.
  • Managed offerings such as EKS, GKE, and AKS impose limits and boundaries that must be taken into account, especially for networking and security.
  • Platform engineers responsible for clusters need to stay ahead of the application developers who deploy to them.
  • Links to the official Kubernetes CVE feeds are provided for reference.
Authors: Pratik Lotia, Jon Zeolla
2022-10-25

Organizations need a standard, sane way to perform an assessment of their cloud native environments. This talk provides insight on how security professionals as well as auditors can identify whether they are following the controls and practices suggested in CNCF-published white papers and thereby adhering to NIST 800-53v5 controls. We will also provide examples of how we plan to develop open source automation (such as OSCAL) to reduce the toil of audits, and cross-mapping to various frameworks and standards to enable builders to focus on making their environments safer.
Authors: Billy Lynch
2022-10-25

Attestations are a useful tool for attaching supply chain metadata to artifacts and images, but how can we attach attestations to source code itself? In this talk, we'll go into some of the ways you can attach attestations to source code with Git. Learn how data can be stored verifiably alongside commits, how attestations can be modeled to describe SLSA source requirements, and how tools like Gitsign can make this easy to add to your CI/CD pipelines.
Authors: Asaf Cohen
2022-10-25

tldr - powered by Generative AI

The presentation discusses best practices for managing policy in DevOps and cybersecurity, including decoupling policy from code, using GitOps for policy, and planning ahead for future demands.
  • Decoupling policy from code is important for flexibility and scalability
  • GitOps for policy allows for auditable and testable policy management
  • Planning ahead for future demands ensures that the system can grow without needing to be rewritten from scratch
Authors: Tracy P Holmes, Raymond de Jong
2022-10-25

tldr - powered by Generative AI

The presentation discusses how to enforce network policies with Cilium on Kubernetes to achieve least privilege between microservices.
  • Cilium network policies on Kubernetes restrict which microservices may talk to each other
  • Least privilege goes beyond L3/L4: filtering HTTP requests restricts which API calls a client may make
  • L7 policies limit a client to exactly the API resources (paths and methods) it needs
  • The Cilium website provides resources, and the project's Slack community welcomes beginners and contributors
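An added example of the L7 least-privilege idea (mine, not the talk's demo): a CiliumNetworkPolicy that lets only the `checkout` service reach the `orders` service, and only for the two HTTP operations it needs. Namespace, labels, port and paths are placeholders.

```yaml
# Added example: L7 least privilege with Cilium. Once a policy selects an
# endpoint, any ingress not listed here is dropped; HTTP requests that reach
# the port but do not match a rule are answered with 403 by Cilium's proxy.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: orders-api-least-privilege
  namespace: shop
spec:
  endpointSelector:
    matchLabels:
      app: orders              # the service being protected
  ingress:
    - fromEndpoints:
        - matchLabels:
            app: checkout      # the only caller allowed at L3/L4
      toPorts:
        - ports:
            - port: "8080"
              protocol: TCP
          rules:
            http:
              - method: "GET"
                path: "/v1/orders/[0-9]+"   # regex must match the whole path
              - method: "POST"
                path: "/v1/orders"
```

With this in place a compromised `checkout` pod can still create and read orders, which it legitimately does, but cannot `DELETE /v1/orders/42` or browse `/v1/admin`, and no other workload in the namespace can open the port at all. `hubble observe` on the `orders` pod shows the per-request verdicts when you test it.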