Free

Container & Kubernetes Security

Event Information

Share this event

Date and Time

Location

Location

Schuberg Philis

271 Boeing Avenue

1119 PD Schiphol-Rijk

Netherlands

View Map

Event description

Description



Agenda

18:00 – Welcome with food and drinks

19:00 – First talk with Andreas Lambrecht

19:45 – Second talk with Andrew Repton

20:30 – Networking




Location: Schuberg Philis B.V., Boeing Avenue 271, 1119 PD Schiphol-Rijk, Netherlands

Go to the main entrance and follow our DevSecOps Meetup signs.

Public Transport (coming from Amsterdam Centraal):

NS Sprinter to Hoofddorp -> Bus stop Station Beneden -> Bus AML Flex 163 (Conexxion) direction Beechavenue -> Bus stop “Bushalte” Beechavenue -> seven-minute walk to Schuberg Philis B.V.

Additional bus: Bus 180 direction Schiphol P30 -> Bushalte Boeingavenue -> Three-minute walk to Schuberg Philis B.V.

Parking: There is free parking available.




DevSecOps Netherlands, DevOps Amsterdam and Schuberg Philis have set up the third Meetup for the growing DevSecOps community in the Netherlands. The evening will be held by our two great speakers Andreas Lambrecht from Aqua Security and Andrew Repton from Schuberg Philis. We hope that you will enjoy the presentations and wish you an interesting evening.

Join our Meetup group: https://www.meetup.com/DevSecOps-Netherlands/

Follow us on Twitter: @DevSecOpsNL




Andreas Lambrecht

Information Security departments often view containers as challenging to manage (code moves too fast for risk analysis, thousands of containers with limited visibility or control). Government organizations such as NIST have published guidelines for Application Container Security, while serverless technologies such as Azure Container Instances or AWS Fargate create additional challenges regarding how security risks are managed.

In this presentation we will look at these challenges and demonstrate how security controls can be continuously embedded into the application lifecycle.

Bio

Andreas is a Solution Architect at Aqua Security, helping enterprises to secure the software supply chain and the runtime of containerized and cloud native applications. Andreas has over 19 years of experience in consulting, designing, implementing and operating advanced datacenter and infrastructure project across EMEA. Prior to joining Aqua, Andreas held consulting architect and technical solutions engineer roles at vendors like VMware, Puppet and Docker.

LinkedIn: http://www.linkedin.com/in/andreas-lambrecht

Twitter: @vAndrucha77




Andrew Repton

As containers become more prevalent in our technology landscapes, container security has likewise increased in importance. However, our containers don’t just run independently, we use container orchestration systems like Kubernetes to run them at scale and in production. In shared clusters, it is critical to ensure proper authentication, authorization and pod security best practices. Recently, CVE-2018-1002105 demonstrated the first major vulnerability in the popular orchestration platform. Using a demonstration, we’ll take a look together at the two versions of this vulnerability and discuss how they work. In addition, I’ll show some other ways to gather privileged information from inside a Kubernetes cluster and how to fix them.

Bio

Andy Repton is a Mission Critical Engineer at Schuberg Philis. Focusing on bringing new technology to maturity, his work ranges from running genomics pipelines to microservices web portals to financial development environments. When he’s not working or speaking at events, you’ll usually find Andy in the streets of a far-off country with a bag on his back, taking pictures and eating strange foods.

Twitter: @SethKarlo

LinkedIn: https://www.linkedin.com/in/andy-repton-bb661337/




Keywords:

  • Container Security
  • DevSecOps
  • CI/CD pipelines
  • (S)SDLC
  • Security
  • Container
  • Pods
  • Nodes
  • Kubernetes
Share with friends

Date and Time

Location

Schuberg Philis

271 Boeing Avenue

1119 PD Schiphol-Rijk

Netherlands

View Map

Save This Event

Event Saved