CNCF On-Demand Webinar: Policy as Code to manage security risk in K8s before & after deployment

CNCF Online Programs
Feb 4 - 10, 12:00 AM (PST)

About this event

Modern Kubernetes applications are deployed on a wide range of hosting environments, from multitenant clusters in the cloud to specialized microclusters at the edge. Recent security disclosures, such as those associated with CVE-2020-8554 and CVE-2020-8569, highlight the need for development teams to protect their applications against weaknesses that may be exposed through the runtime environment.

This presentation will demonstrate how Kubernetes development teams can improve security with policy as code, using open standards such as the Open Policy Agent (OPA) and open source IaC scanners such as Terrascan. OPA provides a standard tool for codifying and evaluating policies, and Terrascan provides hundreds of pre-built policies aligned to best practices for Kubernetes, common cloud environments, and package managers such as Helm. Used together, they help you establish and enforce security policies during development that will help eliminate security risks before services and applications are deployed, and build those policies into the application so it can remain secure when faced with attacks in the runtime environment.

Speaker

  • Cesar Rodriguez

    Cesar Rodriguez

    Accurics

    Head of Developer Advocacy


  • Organizers

  • Ihor Dvoretskyi

    Ihor Dvoretskyi

    Cloud Native Computing Foundation

    Organizer

    View Profile
  • Kristi Tan

    Kristi Tan

    CNCF

    Organizer

    View Profile
  • Chris Aniszczyk

    Chris Aniszczyk

    Linux Foundation (CNCF)

    Organizer

    View Profile
  • Libby Schulze

    Libby Schulze

    CNCF

    Organizer

    View Profile