The first event after the summer!
17.30 Doors open, Food and drinks sponsored by Hashicorp
18:00 Intro from Iver and sponsors
18:10 Security quick wins - Edvin
18:40 Short break
18:55 It depends... - Peter
20:00 We head to a pub somewhere nearby and continue talking to each other.
Edvin Norling (platform engineer @Kognic)
During the last meetup, Jesper spoke about hacking IT systems and how to how some of these systems can be easier or harder to attack due to how your yaml looks like.
This talk will be a demo on how you can harden your Kubernetes applications relatively easy using tools like OPA. Kyverno and showing that getting started with a base isn't that hard.
Demo repo: https://github.com/NissesSenap/k8s-quick-wins-demo
Peter Rosell (Platform Engineer @Pagero)
At Pagero we are looking into modernizing our dependency management and at the same time we want to streamline our security scanning. We have asked ourselves, how do we handle dependency updates in a more controlled way without removing features that our developers are used to.
We will show image scanning with generation of SBOM and how the result is use Dependency Track from OWASP.
We will ask a number of questions:
How do you handle dependency management? How fast do the developer want feedback on new dependencies?
Please share your ideas and let's have a discussion.
If you would like to speak at or host future meetups, please reach out to us, either in person at the event, via this platform, slack or email. We'd love to hear your story!