Loading…
Virtual Event
May 4 - May 7
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2021 Virtual to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Back To Schedule
Thursday, May 6 • 13:30 - 14:05
Uncovering a Sophisticated Kubernetes Attack in Real-Time - Jed Salazar & Natália Réka Ivánkó, Isovalent

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
As Kubernetes adoption continues to explode, the threat actors working on attacks are growing in sophistication. Simple mitigations and security best practices are no longer sufficient alone to protect production workloads. While tools like vulnerability scanning, signed container images, and distroless containers help, constant monitoring must take place in a running environment to ensure it remains safe from compromise. eBPF, an emerging Linux kernel technology, provides us unique visibility directly into any Kubernetes pod. Because pods on a node share a single kernel, a single eBPF program has full visibility to the entire node’s workloads. We’ll show how using such a program gives us the network and process-level visibility to detect and a live sophisticated attack on our cluster. We’ll finish by showcasing how security teams can easily put these same tools to use to protect their critical Kubernetes environments from threats.

Speakers
avatar for Jed Salazar

Jed Salazar

Manager, Platform Security, Tesla
Jed Salazar started his Security and SRE journey working on Borg clusters and securing Alphabet companies at Google. He's passionate about security and SRE and spreading knowledge to benefit everyone in the community. In his free time he enjoys trail running the mountains.
avatar for Natália Réka Ivánkó

Natália Réka Ivánkó

Security Engineer, Isovalent
Security Engineer with a strong background in Container and Cloud Security. Former and a very possible future passion about building things that matters and help to Cloud Engineers to apply Security Best Practices during the development and to DevOps teams to get ready security-wise... Read More →



Thursday May 6, 2021 13:30 - 14:05 CEST
Security Theater
  Security + Identity + Policy