Hot Topics

KSOC Shares List of Top Eight Kubernetes Vulnerabilities
kubectl get secret: Working with Secrets in Kubernetes
Securing Cloud-Native Data at Rest
Cosmonic Open Source Project Integrates Nomad and Cilium
How to Build Next-Gen Apps With Serverless Infrastructure

Dan is a principal researcher at Expel, a transparent managed security provider. With nearly a decade of experience in security operations at scale, he's been exposed to a ton of different environments, unusual attacks, and challenging security problems. Lately, he's been focused on helping organizations protect their cloud and containerized infrastructure.

Understanding Role-Based Access Control in Kubernetes

“I’m sorry Dave, I’m afraid I can’t do that.” – HAL 9000, 2001: A Space Odyssey This iconic quote from 2001: A Space Odyssey is a great place to start if you ...

Dan Whalen | October 10, 2022 | container security, identity and access, KubeCon, kubernetes, role-based access control

Techstrong TV – Live

Click full-screen to enable volume control

Watch latest episodes and shows

UPCOMING WEBINARS

DevOps.com
SecurityBoulevard.com

Mastering DevOps in a Multi-Cloud Environment

15 June 2023

Join JFrog’s Strategic Enterprise Solution Lead, Tatarao Vana, to learn how the JFrog DevOps Cloud Platform unifies workflows to break down silos and deliver real-time end-to-end transparency. With built-in security, governance and compliance for your software delivery requirements, JFrog ensures seamless multi-cloud management. The post Mastering DevOps in a Multi-Cloud Environment appeared first on DevOps.com. [...]

DevSecOps

12 June 2023

DevSecOps best practices are increasingly being adopted to better secure software supply chains. The challenge, as always, is finding ways to optimize these processes so that developers will embrace them and so that the rate at which applications are being built and deployed doesn’t slow down. DevSecOps brings application development teams and cybersecurity teams together […] The post DevSecOps appeared first on DevOps.com. [...]

ActiveState Workshop: Building Secure and Reproducible Open Source Runtimes

8 June 2023

In this follow-along workshop, we’ll use the ActiveState Platform to set up an example of Python machine learning (ML) runtime with security baked in and consistently applied across operating systems to show how your dev team can get up and running in minutes – pain-free. The post ActiveState Workshop: Building Secure and Reproducible Open Source Runtimes appeared first on DevOps.com. [...]

Secure Your Container Workloads in Build-Time with Snyk and AWS

7 June 2023

In this workshop we will walk through identifying threats, vulnerabilities and misconfigurations that are common in cloud-native applications today. With a focus on fixing issues, the workshop will also cover how to pinpoint must-fix open vulnerabilities in development using runtime signals, while also effectively protecting workloads in production. The post Secure Your Container Workloads in Build-Time with Snyk and AWS appeared first on DevOps.com. [...]

Maximize IT Operations Observability with IBM i Within Splunk

7 June 2023

Splunk’s powerful IT operations analytics platform helps you optimize the performance and availability of IT systems and applications, while controlling IT costs and resources. However, IBM i systems have been left out of most Splunk environments because the machine data they generate is unique and requires specialized skills to work with. Ironstream collects and feeds […] The post Maximize IT Operations Observability with IBM i Within Splunk appeared first on DevOps.com. [...]

Identity and Access Management

24 July 2023

As organizations look to implement zero-trust IT policies, many have come to realize that identity is the new perimeter to be defended. The challenge is most of them rely on antiquated approaches to identity and access management (IAM). Come learn how organizations can modernize IAM in a way that makes achieving zero-trust policy goals achievable.. The post Identity and Access Management appeared first on Security Boulevard. [...]

Unleash the Potential of Your Log and Event Data, Including AI’s Growing Impact

22 June 2023

In this Techstrong Learning Experience, Techstrong Research GM Mike Rothman and André Rocha, VP Product & Operations from ChaosSearch, will share insights from a recent Techstrong audience poll on this topic, and discuss the most pressing challenges and solutions, including the inevitable and significant impact of Generative AI. The post Unleash the Potential of Your Log and Event Data, Including AI’s Growing Impact appeared first on Security Boulevard. [...]

Sneak Peek: Cloud Security Prioritized With Sonrai

22 June 2023

During the session, we’ll give a live demonstration of how Sonrai can help secure your cloud environment by lockingdown identities, access and permissions. In this program, learn how Sonrai can help you achieve a higher level of security and compliance for your cloud infrastructure. The post Sneak Peek: Cloud Security Prioritized With Sonrai appeared first on Security Boulevard. [...]

Strange Bedfellows: Software, Security and the Law

22 June 2023

During this live panel roundtable, experts from security, software and legal disciplines discuss some of the top cyberlaw and legal topics affecting software supply chain security. The post Strange Bedfellows: Software, Security and the Law appeared first on Security Boulevard. [...]

Securing Containers & Kubernetes With AWS And Calico

15 June 2023

In this program, we will walk you through the container threat landscape and why there is a need for a new approach to container and Kubernetes security. The post Securing Containers & Kubernetes With AWS And Calico appeared first on Security Boulevard. [...]

Understanding Role-Based Access Control in Kubernetes

Kubernetes Geek Talk: Understanding Pod Status

Study Finds Kubernetes Usage Tied to Business Success

Day 2 Kubernetes Cost Challenges

KSOC Publishes SBOM Specification for Kubernetes

Securing Container Images Across the CI/CD Pipeline