Bio: Thomas Labarussias (Sysdig)
Thomas is OSS/Ecosystem Advocate at Sysdig, the company which created and open-sourced Falco, the Security Runtime Engine for Kubernetes and Cloud-Native technologies. Thomas worked for Qonto, a modern banking for SMEs and freelancers, where he managed their Kubernetes clusters and the enthusiastic tools around, like ArgoCD, Traefik, Prometheus. He also assisted for many years pure-players and e-business companies for a large managed service provider, as an AWS expert and FinOps. He's one of the longest tenured members of the Falco community, and creator of Falcosidekick and Falcosidekick-UI, two major components of the Falco ecosystem.
Abstract:
The CNCF provides great solutions for managing security of Kubernetes Environment, like OPA and Kyverno for Policies, but what about threats or strange behaviors that may happen inside running containers? In your Cloud account? In the SaaS you use? Falco, the runtime security engine provides a way to detect all these patterns by analyzing syscalls with a kernel module or ebpf probe and with its fresh new plugin framework, possibilities become endless, any streams of events can be passed through its engine and trigger alerts. In recent months, the Falco Community has also described multiple ways to create a response engine. We don’t have not just notifications anymore, it’s real time reaction to threats!
Bio: Guillaume Guerard (WeScale)
Guillaume is a DevSecOps/Cloud Builder at WeScale. His main focuses are cloud platforms, cybersecurity & containerization. Alongside his missions Guillaume is also a blog author, a podcaster, a DevSecOps trainer & the co-leader of WeScale's cybersecurity community.
His creed is "Harder, Better, Faster, Stronger".
Abstract:
Kubernetes has been the flagship container orchestrator for several years now, and its popularity invites reflection on securing it.
Kubernetes has security solutions built into it, but it's up to the users to exploit them to their full potential. There are also plenty of external solutions to secure it.
Can we really rely solely on Kubernetes to secure Kubernetes? What are the external tools that could help out?
We will see together the different solutions to secure efficiently your Kubernetes clusters.
Sysdig
OSS/Ecosystem Advocate
WeScale
DevSecOps/Cloud Builder
Thomas is OSS/Ecosystem Advocate at Sysdig, the company which created and open-sourced Falco, the Security Runtime Engine for Kubernetes and Cloud-Native technologies. Thomas worked for Qonto, a modern banking for SMEs and freelancers, where he managed their Kubernetes clusters and the enthusiastic tools around, like ArgoCD, Traefik, Prometheus. He also assisted for many years pure-players and e-business companies for a large managed service provider, as an AWS expert and FinOps. He's one of the longest tenured members of the Falco community, and creator of Falcosidekick and Falcosidekick-UI, two major components of the Falco ecosystem.
Guillaume is a DevSecOps/Cloud Builder at WeScale. His main focuses are cloud platforms, cybersecurity & containerization. Alongside his missions Guillaume is also a blog author, a podcaster, a DevSecOps trainer & the co-leader of WeScale's cybersecurity community.
His creed is "Harder, Better, Faster, Stronger".
Ogenki
Lead Organizer
LUMEN
Lead organizer - CNCF Amabassor
Doctolib
Lead organizer
Aircall
Lead organizer
Team CNCF Paris Organizer
