Cloud native messaging system (NATS) and secure CI/CD pipelines (Snyk)


Feb 18, 2021, 4:30 – 6:30 PM

Virtual event

About this event

Hi all!

First of all, we hope you and your loved ones are doing well.

We are very happy to be back at the start of 2021 with a great event not to be missed!

You will find the agenda for this meetup below, we can't wait to see you again. For the moment it will be online via a Zoom link that we will send to you very soon and we really hope that the situation allows us to share a drink IRL :)

May we remind that you should register in the official CNCF community platform:

Start at 5:30PM.

Continuous Security - Building Security into your Pipelines



Matt Jarvis is a Senior Developer Advocate at Snyk. Matt has spent more than 15 years building products and services around open source software, on everything from embedded devices to large scale distributed systems. Most recently he has been focused on the open cloud infrastructure space, and in emerging patterns for cloud native applications. Matt is a regular speaker at conferences across the world, including Open Infrastructure Summit, FOSDEM and All Things Open.


In the world of continuous delivery and cloud native, the boundaries between what is our application and what constitutes infrastructure is becoming increasingly blurred. Our workloads, the containers they ship in, and our platform configuration is now often developed and deployed by the same teams, and development velocity is the key metric to success. This presents us with a challenge which the previous models of security as a final external gatekeeper step cannot keep up with.

To ensure our apps and platforms are secure, we need to integrate security at all stages of our pipelines and ensure that our developers and engineering teams have tools and data with enable them to make decisions about security on an ongoing basis. In this session I will talk through the problem space, look at the kinds of security issues we need to consider, and look at where the integration points are to build in security as part of our CI/CD process.

After many years of using RabbitMQ and Kafka in production, I will tell you why NATS is a player to consider.



Romaric is CEO and co-founder of Qovery with 10 years of experience in running production infrastructure. Former system engineer at Ullink and lead backend dev at Sirdata.


When building Cloud applications, we often put significant effort into breaking down our monoliths into small code pieces. They are easier to maintain but hard to make them communicate together.

This is where NATS comes in. NATS is a simple and highly performant messaging system for Cloud-native apps. In this talk, I will share my experience using NATS at Qovery, why you should or should not use it, and the difference between the well-known RabbitMQ and Kafka.

We look forward learning about NATS (a CNCF project) and how we could improve our security pipelines.

See you there,

The CNCF Paris team


  • Matt Jarvis


    Senior developer advocate

  • Romaric Philogène


    CEO and co-founder of Qovery


  • Smaïne Kahlouch


    Lead Organizer

  • Reda Benzair


    Lead organizer - CNCF Amabassor

  • Jean-Christophe Sirot


    Lead organizer

  • Emmanuel Lagrée

    Team CNCF Paris Organizer

  • Andrea Giardini

    CNCF Paris Organizer