The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
As powerful as Kubernetes is out-of-the-box, it’s a reasonable bet that your organization’s baseline cluster includes more than just the core Kubernetes components. Service meshes, CSI drivers, admission controllers, and database engines are nearly ubiquitous additions to production-ready clusters. Crucially, these applications allow your organization’s development teams to focus on solving the organization’s unique challenges by building on top of robust third-party solutions that solve common industry problems, but vulnerabilities in third-party code can put the security of your clusters at risk. In this talk, the speakers will briefly review a few examples of real-world vulnerabilities in third-party applications commonly found in large Kubernetes clusters and describe just how they were discovered; demonstrate how critical some vulnerabilities can be; and then review clear, actionable steps your organization can take to help prevent third-party vulnerabilities from being the weak link in your clusters’ security.
Dagan Henderson is the Director of Platform Engineering at Raft, LLC, a GovTech company specializing in Kubernetes and Data Streaming. He began programming in the mid 90s, and has been working as a professional software engineer for the past 15 years. A largely self-taught developer... Read More →
Will Kline is a Senior Principal with Dark Wolf Solutions, where he works with different customers to modernize their containerized development environments. He’s been working with Linux containers since the pre-Docker days. He also dabbles in security, recently speaking with his... Read More →