In-person + Virtual
October 24-28
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Friday, October 28 • 2:55pm - 3:30pm
Putting Hackers Breaching Your Cluster In Automatic Quarantine - Ziv Nevo, IBM

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Engineers can’t really prevent hackers form eventually breaching Apps. It is not a question of IF but of WHEN. And unfortunately, a question of how much damage was done to our or our users’ resources, data and reputation. This does not happen only to small Apps and companies with small budgets and limited resources but to huge companies and government agencies (see SolarWinds attack). The solution - automatically isolating attackers when they breach one of the Apps in your cluster (or the App you develop), keeping the rest of the cluster’s components safe. This session will present a survey encompassing many commonly used cloud native apps, engineers all love and need (like Prometheus, Kafka, Jenkins, ClearML and much more) and demonstrate the built-in vulnerability most cluster deployments exercise and how to secure it. State of the art practices leave several, rather easily breached, back doors in many clusters. We will deep dive into several real-world scenarios and see the simple, yet very often missed, blueprint for making our cluster or our App-users’ clusters much more malicious-resistant.

avatar for Ziv Nevo

Ziv Nevo

Research Staff Member, IBM Research – Israel
Ziv Nevo is a researcher in IBM Research - Israel. His research includes Cloud networking, Kubernetes networking, compliance and governance automation, formal reasoning technologies and more. Ziv holds B.Sc. and M.Sc degrees in Computer Science from the Technion - Israel Institute... Read More →

Friday October 28, 2022 2:55pm - 3:30pm EDT
420 AB
  Security + Identity + Policy