<img src="https://ws.zoominfo.com/pixel/JHVDdRXH2uangmUMQBZd" width="1" height="1" style="display: none;">

New! Magalix brings you the SaC (Security-as-Code) podcast. Listen now!

Exit icon Listen Now

KubeCon North America 2020 - Security and OPA Sessions for Cloud Native Practitioners

Kubernetes KubeCon CloudNativeCon
KubeCon North America 2020 - Security and OPA Sessions for Cloud Native Practitioners
Kubernetes KubeCon CloudNativeCon

Customized Agenda at a Glance

Magalix team is very excited to sponsor KubeCon + CloudNativeCon North America 2020 Virtual. We created this customized agenda for you relating to Cloud Native Security and Open Policy Agent (OPA). These sessions and workshops provide insights on best practices and business challenges, an opportunity to learn hands-on, and many more. Enjoy and make sure to drop by our booth in Expo Hall, Startup-Hall C.

KubeCon2020 Article

Cloud Native Security Sessions and Workshops

1- Cloud Native Security Day hosted by CNCF.

About the Session

This session is to share the latest challenges and solutions in cloud native, it is an open event so everyone can share their current roadblocks and how they overcame it. Cloud security is the hot topic now, organizations and teams are concerned about how to integrate security into their cloud native. Full agenda.

Session Date & Time Tuesday November 17, 2020 10:00am - 6:00pm EST

 

2- Security as Code for Dev Teams Looking to Meet SecOps Compliance. 

About the Session

Security for Cloud Native Applications is one of the crucial challenges for many enterprises, Trendmicro will talk about providing a demo on how to fill this security gap and gain visibility on the major security threats that affect your applications availability. Full agenda.

Session Date & Time November 17 • 1:00pm - Friday, November 20 • 7:00pm

 

3- Capture the Flag Security Challenge KubeCon 2020 hosted.

About the Session

This session is for different levels of DevOps, Coders and experienced security practitioners. Promising a fun and rewarding hands-on experience through which you will learn how to protect your applications from cyberattacks. There will be three winners at the “Capture the Flag “ competition final. You should expect to learn the following from this session:

  • Deploy and integrate security early on in your Jenkins pipeline
  • Detect and investigate open source vulnerabilities and threats in container images
  • Simulate an attack on a running container in EKS based on the results identified
  • Protect the application with security-as-code to prevent vulnerabilities from being exploited - Full agenda.

Session Date & Time Tuesday November 17, 2020 1:00pm - 2:00pm EST

 

4- Kubernetes-native Security with Starboard.

About the Session

Starboard will present a number of demos to show how to manage and access reports through different tools and how reports can relate to different resources, from pods through to entire clusters. In this session, you will learn:

  • How to generate actionable security information that's visible to the people who need it.
  • How to extend different tools to integrate your favourite security tool

In order to register for this session and get the best out of it, invitees are expected to have basic familiarity with security tools like vulnerability scanning, YAML checks, and CIS benchmarks. Full agenda.

Session Date & Time Thursday, November 19 • 2:55pm - 3:30pm

Open Policy Agent Sessions and Workshops

1- Using Open Policy Agent to Meet Evolving Policy Requirements.

About the Session

In this session, VMware will discuss how OPA helped their team develop and deploy new policies. They will also provide real life examples on how they changed Kubernetes policy requirements to achieve compliance without affecting their CI/CD pipelines and workflows. Full agenda.

Session Date & Time: Friday November 20, 2020 5:05pm - 5:40pm EST

 

2- Creating a Pipeline to Validate Your OPA Policies.

About the Session

In this session, you will learn how to optimize your workflow through applying configuration governance as a code to your Kubernetes clusters; a number of testing tools will be presented to help you test and validate your OPA against your applications. There will be a live demo to show using a combination of Rego unit tests and deploy policy changes through GitOps strategy to a live cluster. Full agenda.

Session Date & Time Thursday, November 19 • 4:50pm - 5:25pm

 

3- Kubernetes Governance - How to Create Custom Advisors with Rego Using Magalix.

About the Session

In this webinar, our team at Magalix team will go through a real example of how we implemented a simple governance framework within Magalix using our own product. We will focus on a simple policy and go through its full life cycle.  The same process could be applied to other policies and you can easily extrapolate from this example to meet your own specific needs. Full Agenda 

Session Date & Time Wednesday, November 18th, 2020 03:00 PM PST | 06:00 PM EST

Comments and Responses

Related Articles

The Shared Security Model - Dividing Responsibilities

Understanding the Shared Cloud Security Model and causes behind common data breaches.

Read more
How to Prevent Non-Secure Container Images from Being Deployed with Policy-As-Code

Security is critical to business continuity. As such, DevOps teams must prevent non-secure container images from being deployed. But how do you do it?

Read more
Using Affinity with nodeSelector and Policy-As-Code, and Exclusions

In a Kubernetes cluster, you have to leverage policy-as-code to enforce Node Affinity using nodeSelector. But how do you do go about it? Learn more.

Read more