Nodeless K8s & Container Security

Sysdig - 85 2nd St #800 San Francisco - View Map San Francisco Kubernetes Meetup
Thu, Feb 21, 2019, 6:30 PM (PST)

About this event

Hello SF Kubernauts!

First up, Madhuri will cover why nodeless is valuable in Kubernetes deployments on public cloud. She will walk us through two ways of turning your Kubernetes cluster nodeless - virtual-kubelet over {Fargate, ACI}, and kubelet over Kiyot. Demo included, of course.

The second presentation will delve into events. In any Cloud Native architecture, a seemingly endless stream of events happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as provide an audit trail of activity. This talk will cover how Sysdig extended Falco to ingest events beyond just host system calls. Mark will demonstrate:

* How to create Falco rules to detect behaviors in new event streams.
* How Falco implements Kubernetes audit events.
* How to configure the event stream.
* How to create additional event streams leveraging the generic implementation provided by Falco.

Attendees will gain a deep understanding of Falco's architecture, and how to customize Falco for other events.

SPONSORED: Big thanks to NetApp, Sysdig and Tigera for their support!

Are you a local group member interested in presenting to the group? If so, please submit your talk at:

6:30 - 7:00 - Social
7:00 - 7:10 - Community Announcements
7:10 - 7:40 - Madhuri Yechuri, Elotl
7:45 - 8:15 - Mark Stemm, Sysdig
8:15 - 8:45 - Social / Wrap-up

Madhuri is a systems engineer with 18 years experience in database server technologies (Oracle), virtualization (VMware), and container technologies (ClusterHQ) before founding Elotl. Madhuri received her Masters in Computer Science from Indiana University Bloomington, and Bachelors in Computer Science from Indian Institute of Technology Kharagpur.

Mark is a Software Engineer with 20 years experience using data and analysis to solve hard problems and build great products.
He has a B.S. in Mathematics/Computer Science from Carnegie Mellon University and a M.S. and Ph.D. in Computer Science from the University of California, Berkeley.
He's worked at Fast Forward Networks/Inktomi on the first generation of internet-based live video broadcasting, at Cloudmark building the world's leading email anti-spam platform for ISPs and mobile providers, and at Jut building a streaming data analysis and visualization platform.
Mark currently works at Sysdig on the open source product Falco, a behavioral activity monitor with full support for containers.


Sysdig Corporate Offices
85 2nd Street
8th Floor
San Francisco, CA 94105

There will be a security person at the building entry, then take the elevator to the 8th floor.


Thursday, Feb 21
6:30 PM - 9:00 PM (PST)


85 2nd St #800 San Francisco