Securing the Cloud-Native Edge

May 21, 2026 Alan Shimel AI, cloud native, kubernetes, SUSECon

The job of “protecting the data” in a cloud-native environment used to mean snapshots and offsite copies of stateful workloads. That definition is breaking down quickly. Once an organization starts running RAG databases, fine-tuned models and agent state alongside its application data, the protected surface area expands well beyond what traditional Kubernetes backup was designed to cover — and the recovery story has to expand with it.

Alan Shimel, broadcasting from SUSECON in Prague, sits down with Kevin Keller and Matt Slotten to dig into what AI workloads actually do to the resilience model. Their argument is that vector stores, model weights and pipeline metadata are now mission-critical artifacts in their own right, and treating them as opaque storage doesn’t cut it. Recovery needs to be aware of what kind of data is being restored, not just where it lives.

The discussion gets into the practical mechanics of doing that on Kubernetes — application-aware capture, immutable backups to defend against ransomware aimed at AI assets, and policy-driven retention that recognizes the difference between a transient inference cache and a curated training corpus. They also walk through how integrating directly with the underlying cluster substrate (in this case SUSE Rancher) lets platform teams enforce protection as a property of the namespace rather than something bolted on after deployment.

The bigger thread is the move off legacy virtualization platforms and onto Kubernetes-based infrastructure, and what that consolidation means for security architecture. Keller and Slotten make the case that the organizations doing this well are using the migration window to rebuild their resilience posture around cloud-native primitives — GitOps, declarative policy, immutable artifacts — so that the same controls protect VMs, containers and AI workloads under a single operational model.

Alan Shimel

As Editor-in-chief of DevOps.com and Container Journal, Alan Shimel is attuned to the world of technology. Alan has founded and helped several technology ventures, including StillSecure, where he guided the company in bringing innovative and effective networking and security solutions to the marketplace. Shimel is an often-cited personality in the security and technology community and is a sought-after speaker at industry and government conferences and events. In addition to his writing on DevOps.com and Network World, his commentary about the state of technology is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.

Alan Shimel has 113 posts and counting. See all posts by Alan Shimel