Registration | Start of the event, attendee registration and morning munch time. |
CNCF Updates by Satyam Soni | New updates about the CNCF |
Modern Security Paradigms by Ram Iyengar | Software is constantly evolving, with new methods of designing, building, and consuming software emerging regularly. As software evolves, aspects like quality, reliability, and security must also adapt—but are they keeping pace?
Join this insightful talk as we delve into security within two pivotal software domains: containers and open-source. These domains have significantly transformed the tooling landscape, particularly concerning security. In this session, we will explore various techniques and tools designed to enhance security in containers and open-source software. |
AMA | Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup. |
(Featured Session) Secure Multi-Tenancy with vCluster and Falco: Enhancing Kubernetes Security and Isolation by Saiyam Pathak | In this session, we will explore how to leverage vCluster for robust tenant isolation through the creation of separate virtual clusters, ensuring logical separation in shared Kubernetes environments. Additionally, we will delve into Falco, an open-source runtime security tool that detects real-time threats and suspicious activities in Kubernetes, such as privilege escalations and unauthorized access.
This session will showcase best practices for integrating vCluster and Falco to enhance both isolation and threat detection in multi-tenant environments. Attendees will gain actionable insights into building a secure, scalable Kubernetes infrastructure using these tools.
Session Takeaways:
1. Tenant Isolation with vCluster: Understand how vCluster enables strong tenant isolation by creating distinct virtual clusters.
2. Threat Detection with Falco: Learn how Falco monitors and detects real-time threats within Kubernetes environments.
3. Best Practices: Discover how to effectively combine vCluster and Falco to achieve secure multi-tenancy in Kubernetes. |
AMA | Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup. |
Govern Application Deployments on Kubernetes with Policy as Code Using Kyverno by Vinod Kumar | This session dives into CNCF’s incubating project, Kyverno—a Kubernetes-native policy engine designed to streamline the management and governance of application deployments through Policy as Code. The session begins with an introduction to Kubernetes authorization, setting the foundation for Kyverno’s role in the Kubernetes ecosystem. Attendees will then be guided through a hands-on demonstration, learning to write and apply policies in YAML format to enforce governance on their deployments. The session will wrap up with an interactive Q&A segment.
Key Takeaways:
1. Understand Policy as Code: Gain insights into how Kyverno simplifies governance with YAML-based policies.
2. Explore Kubernetes Governance: Learn how Kyverno enforces security and compliance natively within Kubernetes.
3. Hands-on Demonstration: Experience Kyverno in action, showcasing its policy enforcement capabilities during deployments.
4. Real-world Applications: Discover how Kyverno can automate security, validation, and resource management in real-world scenarios. |
AMA | Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup. |
Chai & Coffee Break | Refresh, network, and recharge with a warm cup! |
Patch It Up: Real-Time Vulnerability Management with Kyverno and KubeArmor by Barun Acharya | Organizations often use Admission Controllers like Kyverno and static analysis tools to enforce security best practices. However, these measures alone may not fully safeguard against future vulnerabilities. Applying upstream fixes can take time when new vulnerabilities emerge, making it more practical to sandbox these vulnerabilities in the interim.
Preventing application downtime due to vulnerabilities is vital, and virtual patching serves as an effective solution. By containing and preventing the exploitation of vulnerabilities at runtime, virtual patching ensures security without affecting application behaviour or deployment processes.
In this talk, we will explore live examples featuring well-known vulnerabilities like Log4j, PwnKit, xz, and Leaky Vessels. Attendees will learn how to use Kyverno to identify vulnerable workloads, utilize image vulnerability scanner results, and generate KubeArmor policies to apply virtual patches to specific deployments—ensuring enhanced security without disrupting operations.
Key Takeaways:
1. Understanding Virtual Patching: Learn how virtual patching can contain vulnerabilities in real time.
2. Vulnerability Identification: Discover how Kyverno and image vulnerability scanners identify and manage vulnerable workloads.
3. Hands-on Demonstration: See how to generate KubeArmor policies to apply virtual patches effectively for continuous security. |
AMA | Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup. |
End to End Enterprise Security for Kubernetes by Hemant Rathore | Explore the comprehensive strategies and best practices necessary to secure Kubernetes environments from start to finish. This talk delves into the critical components of enterprise security, covering everything from initial deployment configurations to ongoing threat detection and response. Learn how to safeguard your Kubernetes clusters against potential vulnerabilities, ensuring robust protection and compliance across your entire infrastructure. Whether you’re a seasoned Kubernetes pro or just starting, this session will equip you with the insights needed to maintain a secure and resilient enterprise ecosystem. |
AMA | Interactive session with an expert speaker. A platform to engage, learn, and share insights in a community meetup. |
Breakout session (Follows Chatham House Rules) | In this engaging breakout session, attendees will be split into groups and assigned to different rooms. Each group will tackle a series of exciting tasks designed to test creativity, collaboration, and problem-solving skills. Compete with your peers to complete the challenges with flair. The group that demonstrates the most innovative and effective solutions will be crowned the winners! Get ready to think outside the box and showcase your teamwork prowess. May the best team win! 🌟 |
Quiz | Dive into our exciting quiz, where your session savvy could lead to victory! Test your knowledge, compete for glory, and have a blast! 🧠🏆 |
Lunch and Networking! | Dedicated time for attendees to munch, network, establish connections, and bond over shared interests. |
Lights off | See you folks at the Next Event. |