In-person + Virtual
October 24-28
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Friday, October 28 • 11:00am - 11:35am
The Insider Threat: Third-Party Applications In Your Cluster - Dagan Henderson, Raft, LLC & Will Kline, Dark Wolf Solutions

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

As powerful as Kubernetes is out-of-the-box, it’s a reasonable bet that your organization’s baseline cluster includes more than just the core Kubernetes components. Service meshes, CSI drivers, admission controllers, and database engines are nearly ubiquitous additions to production-ready clusters. Crucially, these applications allow your organization’s development teams to focus on solving the organization’s unique challenges by building on top of robust third-party solutions that solve common industry problems, but vulnerabilities in third-party code can put the security of your clusters at risk. In this talk, the speakers will briefly review a few examples of real-world vulnerabilities in third-party applications commonly found in large Kubernetes clusters and describe just how they were discovered; demonstrate how critical some vulnerabilities can be; and then review clear, actionable steps your organization can take to help prevent third-party vulnerabilities from being the weak link in your clusters’ security.

avatar for Dagan Henderson

Dagan Henderson

Director of Platform Engineering, Raft, LLC
Dagan Henderson is the Director of Platform Engineering at Raft, LLC, a GovTech company specializing in Kubernetes and Data Streaming. He began programming in the mid 90s, and has been working as a professional software engineer for the past 15 years. A largely self-taught developer... Read More →
avatar for Will Kline

Will Kline

Senior Principal, Dark Wolf Solutions
Will Kline is a Senior Principal with Dark Wolf Solutions, where he works with different customers to modernize their containerized development environments. He’s been working with Linux containers since the pre-Docker days. He also dabbles in security, recently speaking with his... Read More →

Friday October 28, 2022 11:00am - 11:35am EDT
420 AB
  Security + Identity + Policy