Loading…
Virtual Event
November 17–November 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Standard Time (UTC–05:00). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Friday, November 20 • 4:00pm - 4:35pm
Everything You Should Be Doing, But Aren’t: DevSecOps for K8s Workflows - Steven Terrana, Booz Allen Hamilton & Dan (POP) Papandrea, Sysdig

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.


Steven and Pop will describe a defense-in-depth approach to secure production workloads running on Kubernetes. We’ll show a live demonstration of using CNCF projects like Helm, OPA, Falco, and Argo to secure Kubernetes clusters. With a secure cluster, they will then show you how to leverage DevSecOps principles to incorporate security into every step of the software development lifecycle and how to scale your CI/CD pipelines using the open source Jenkins Template Engine. This talk is the result of lessons learned supporting multiple horizontals of end users, including FinTech and modern Federal software delivery. Specifically, attendees will walk away with actionable plans for how to implement: - Application Security - Configuration Management Policies - Runtime Threat Detection - Governance as Code - Post-mortem Forensics
Speakers
avatar for Steven Terrana

Steven Terrana

Chief Engineer, Booz Allen Hamilton
Steven is a Chief Engineer at Booz Allen Hamilton focused on building reusable capabilities for the Firm and industry. He uses these capabilities to help organizations adopt all things modern software delivery: DevSecOps, Cloud Infrastructure, Container Orchestration, and Microservice... Read More →
avatar for Dan Papandrea

Dan Papandrea

Field CTO, Sysdig
Dan "POP" Papandrea is the Field CTO for Sysdig, a cloud-native security and visibility platform. POP spends his days learning and contributing to the orchestration and container ecosystem. POP is the host of the hit podcast The POPCAST by Dan POP which explores the leaders and creators... Read More →

Friday November 20, 2020 4:00pm - 4:35pm EST
Intrado Virtual Event Platform
  CI/CD