KubeCon + CloudNativeCon North America 2020 Virtual

By accessing this sponsored session, the third party sponsor will receive some of your registration data. This data includes your First Name, Last Name, Title, Company, Address, Email, Standard Demographics Questions (I.e. Company Size, Job Function, Industry), and details about the sponsored content you interacted with. If you choose to access sponsored sessions, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

This is an on-demand session and will be available for the duration of the event.


Security as Code has yet to gain the same popularity or notoriety as the practice of Infrastructure as Code.  Infrastructure as Code has become a cornerstone to automating software development pipelines, increasing development velocity and operational efficiency. Unfortunately, defining fine-grained security policies early in an SDLC is a much more complex, nuanced and (hopefully) layered endeavor.  
To both the developer and the user, security shares neither critical path nor perceived value as new functionality is delivered. Yes, of course everyone cares when there is a breach or an attack or a laptop goes missing. But in ephemeral environments, the more granular the security the more likely it changes. When security changes have more potential to slow development velocity or “take down production”, developers, operations and security are left trying to balance creating, testing & managing security vs time spent delivering business differentiating value.
NeuVector Engineer Tracy Walker examines a single security use case - egress control - and in 15 minutes describes how the granularity and management implemented via Security as Code differs between Kubernetes, Openshift, Istio, and NeuVector.