In-person + Virtual
October 11-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Thursday, October 14 • 5:25pm - 6:00pm
The Hitchhikers Guide to Container Security - Tunde Olu-Isa, Oteemo & Jed Salazar, Isovalent

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
You’ve seen the Kubernetes security announcements: CAP_NET_RAW rogue advertisements, runc breakout, hostNetwork hijack.. oh my! It seems that the best you can do is keep up with patching, but often these vulnerabilities take advantage of overly permissive Pods. In this talk, we’ll introduce the riskiest privileges that Pods can request, what allowing those privileges means for your cluster, and how to create security policy to protect your cluster and its users. If you’ve ever wondered, “what does enabling privileged actually mean?”, hitch a ride on a whirlwind and fun guide about the basics of Pod security and how you can easily configure security policy to keep Kubernetes safe. Any level of experience can benefit from learning about the riskiest privileges Pods can request and reducing the threats in your environment by running your workloads safely.

avatar for Jed Salazar

Jed Salazar

Security Architect, Chainguard
Jed Salazar started his Security and SRE journey working on Borg clusters and securing Alphabet companies at Google. He's passionate about security and SRE and spreading knowledge to benefit everyone in the community. In his free time he enjoys trail running the mountains.

Tunde Olu-Isa

Managing Consultant, Oteemo
Tunde is currently the Chief Architect at the Department of Defense, Platform One, and Managing Consultant at Oteemo. Tunde worked at  VMware, Heptio, and IBM. He helped build highly performant distributed systems, provided recommendations and advice on best practices on open source... Read More →

Thursday October 14, 2021 5:25pm - 6:00pm PDT
Petree Hall C + Online