AppSec California 2020, January 21-24 at the Annenberg Beach House, Santa Monica, CA
Back To Schedule
Thursday, January 23 • 4:20pm - 5:10pm
Kubernetes Security From The Trenches

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Everybody is talking about Kubernetes these days. Whether you are in DevOps, Development Security, you’re thinking about containers, micro-services and orchestrators. Kubernetes has become the standard orchestrator to manage containerized applications. Kubernetes is accelerating the move from monolithic applications to distributed, containerized applications. This technology shift is also forcing companies and people to adapt to organizational changes, for example adopting DevOps and CI/CD workflows, and the ever increasing decentralization of IT and development teams.

Security has to evolve along with these technology and process changes. Security requirements for monolithic applications must be translated to distributed micro-applications, it has to “shift left” to the developer teams to allow for continuous deployments, and new threats models have to be created. Unfortunately, most companies transitioning to Kubernetes are rightly concerned that their Security Teams are not ready to help them maintain the same level of security they had before.

In the past year, I have been working directly with many developers, DevOps, and Security teams to understand their security concerns and the new security issues they have faced. This talk explains the state of Security in Kubernetes, how to secure the different layers of this new infrastructure, what are the common threats and how to respond. I will share real-world examples of security issues and best practices that companies are putting in place, how Security Teams are changing to adapt, and how the responsibility for security is being split between different teams in the organization.

avatar for Julien Sobrier

Julien Sobrier

Product Line Manager, VMWare
Julien Sobrier has spent 15+ years in the Security industry, as a Security Researcher at Netscreen/Juniper and Zscaler, then Product Manager at Zscaler, Salesforce and now Octarine (Kubernetes Security). He has co-authored Power Security Tools (O'Reilly) and released many browser... Read More →

Thursday January 23, 2020 4:20pm - 5:10pm PST
Terrace Lounge