Container & Kubernetes Security

DevSecOps - Netherlands is a DevSecOps community for anyone interested in securing a software development lifecycle (DevSecOps). To deliver secure innovations and shift security left, organizations must commit to changes in skills, culture, technology and processes. Join this community to learn more about DevSecOps and how to make it successful within your organization.

DevSecOps - Netherlands

<HR>
 
<H2>Agenda</H2>
18:00 – Welcome with food and drinks
19:00 – First talk with Andreas Lambrecht
19:45 – Second talk with Andrew Repton
20:30 – Networking
 
<HR>
 
Location: Schuberg Philis B.V., Boeing Avenue 271, 1119 PD Schiphol-Rijk, Netherlands
Go to the main entrance and follow our DevSecOps Meetup signs.
Public Transport (coming from Amsterdam Centraal):
NS Sprinter to Hoofddorp -> Bus stop Station Beneden -> Bus AML Flex 163 (Conexxion) direction Beechavenue  -> Bus stop “Bushalte” Beechavenue -> seven-minute walk to Schuberg Philis B.V.
Additional bus: Bus 180 direction Schiphol P30 -> Bushalte Boeingavenue -> Three-minute walk to Schuberg Philis B.V. 
Parking: There is free parking available.
 
<HR>
 
<H2 CLASS="MsoNormal">DevSecOps Netherlands, DevOps Amsterdam and Schuberg Philis have set up the third Meetup for the growing DevSecOps community in the Netherlands. The evening will be held by our two great speakers Andreas Lambrecht from Aqua Security and Andrew Repton from Schuberg Philis. We hope that you will enjoy the presentations and wish you an interesting evening.</H2>
<H2>Join our Meetup group: <A HREF="https://www.meetup.com/DevSecOps-Netherlands/" TARGET="_blank" DATA-MSYS-CLICKTRACK="0" REL="nofollow noopener noreferrer">https://www.meetup.com/DevSecOps-Netherlands/</A></H2>
<H2>Follow us on Twitter: <A HREF="https://twitter.com/DevSecOpsNL" TARGET="_blank" DATA-MSYS-CLICKTRACK="0" REL="nofollow noopener noreferrer">@DevSecOpsNL</A></H2>
 
<HR>
 
Andreas Lambrecht
Information Security departments often view containers as challenging to manage (code moves too fast for risk analysis, thousands of containers with limited visibility or control). Government organizations such as NIST have published guidelines for Application Container Security, while serverless technologies such as Azure Container Instances or AWS Fargate create additional challenges regarding how security risks are managed. 
In this presentation we will look at these challenges and demonstrate how security controls can be continuously embedded into the application lifecycle. 
Bio
Andreas is a Solution Architect at Aqua Security, helping enterprises to secure the software supply chain and the runtime of containerized and cloud native applications. Andreas has over 19 years of experience in consulting, designing, implementing and operating advanced datacenter and infrastructure project across EMEA. Prior to joining Aqua, Andreas held consulting architect and technical solutions engineer roles at vendors like VMware, Puppet and Docker. 
LinkedIn: http://www.linkedin.com/in/andreas-lambrecht
Twitter: <A HREF="https://twitter.com/vAndrucha77" TARGET="_blank" DATA-MSYS-CLICKTRACK="0" REL="nofollow noopener noreferrer">@vAndrucha77</A>
 
<HR>
 
Andrew Repton
As containers become more prevalent in our technology landscapes, container security has likewise increased in importance. However, our containers don’t just run independently, we use container orchestration systems like Kubernetes to run them at scale and in production. In shared clusters, it is critical to ensure proper authentication, authorization and pod security best practices. Recently, CVE-2018-1002105 demonstrated the first major vulnerability in the popular orchestration platform. Using a demonstration, we’ll take a look together at the two versions of this vulnerability and discuss how they work. In addition, I’ll show some other ways to gather privileged information from inside a Kubernetes cluster and how to fix them.
Bio
Andy Repton is a Mission Critical Engineer at Schuberg Philis. Focusing on bringing new technology to maturity, his work ranges from running genomics pipelines to microservices web portals to financial development environments. When he’s not working or speaking at events, you’ll usually find Andy in the streets of a far-off country with a bag on his back, taking pictures and eating strange foods.
Twitter: @SethKarlo
LinkedIn: <A HREF="https://www.linkedin.com/in/andy-repton-bb661337/" TARGET="_blank" DATA-MSYS-CLICKTRACK="0" REL="nofollow noopener noreferrer">https://www.linkedin.com/in/andy-repton-bb661337/</A>
 
<HR>
 
Keywords:
<UL>
<LI>Container Security</LI>
<LI>DevSecOps</LI>
<LI>CI/CD pipelines</LI>
<LI>(S)SDLC</LI>
<LI>Security</LI>
<LI>Container</LI>
<LI>Pods</LI>
<LI>Nodes</LI>
<LI>Kubernetes</LI>
</UL>

Schuberg Philis

Our {communityGuidelinesLink} describe the sort of content we prohibit on Eventbrite. If you suspect an event may be in violation, you can report it to us so we can investigate.

To report other categories of prohibited or illegal content, submit {link}

Container & Kubernetes Security

More events from DevSecOps - Netherlands

Follow organizers to get events picked for you

Still looking for the right event?

Explore all events in Schiphol-Rijk and filter by date, category, and more to find the perfect fit.

Container & Kubernetes Security

More events from DevSecOps - Netherlands

Follow organizers to get events picked for you

You might also like...

Sign-In for personalized recommendations

Still looking for the right event?

Explore all events in Schiphol-Rijk and filter by date, category, and more to find the perfect fit.