21 October, 2021 - Kubecon NA 2021 - what you might miss

21 October, 2021 - Kubecon NA 2021 - what you might miss

Cloud Security News this week 21 October 2021

It's a month full of conferences and as promised we are back with our 2nd episode this week to bring you the cloud security highlights from KubeCon. In this episode we will share some of our team’s favourite from Kubecon 2021 North America

If you aren't quite familiar with the wonderful world of Kubernetes, there are a few weird and wonderful open source acronyms in today’s episode. TUF refers to The Update Framework, SPIFFE refers to Secure Production Identity Framework for Everyone SPIFFE, SPIRE is the SPIFFE’s Runtime Environment). Now that we are all across cool Kube words - lets into the talks

  • Starting off with the talk from Andrew Martin, Co-Founder of Control Plane and Author of Hacking Kubernetes and Kubernetes Threat Modelling. He spoke about Kubernetes Supply Chain Security - he showcased work to build a Kubernetes Software Factory with Tekton and Deep dived on signing and verification approaches to securely build software with (TUF) SPIFFE, SPIRE and sigstore
  • Ian Coldwater from Twilio; Brad Geesaman & Rory McCune from Aqua Security Duffie Cooley from Isovalent combined forces to share with the community how they do security research or hacking Kubenetes clusters using a recently discovered Kubernetes CVE (Common Vulnerability and exposure) - Their talk was called Exploiting a Slightly Peculiar Volume Configuration with SIG-Honk
  • Matt Jarvis from Synk shared what to do if your container has a huge number of Vulnerabilities - how to prioritise them and remediate them in his talk My Container Image has 500 Vulnerabilities, Now What?
  • Talking about containers and Vulnerability scanning If you want to know about how vulnerability scanners work, their blind spots and how to implement a practical risk based approach to remedy vulnerabilities that really matter to your organisation - check out Pushkar Joglekar’s Keeping Up with the CVEs: How to Find a Needle in a Haystack?
  • If you find yourself asking “How do I access my S3 bucket in AWS from my GCP cluster?” Brandon Lum & Mariusz Sabath, IBM may have the answer for you in their talk Untangling the Multi-Cloud Identity and Access Problem With SPIFFE Tornjak where they talk about a proposed shift in the perspective of workload identity from being “platform specific” to “organization wide” using SPIFFE/SPIRE and the new SPIFFE Tornjak project.

Episode Show Notes on Cloud Security Podcast Website.

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy:

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(40)

Vulnerabilities discovered in AWS, GCP and Azure

Vulnerabilities discovered in AWS, GCP and Azure

Cloud Security News this week 26 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

26 Jan 20237min

Amazon S3 encrypts by default and The CircleCI Breach

Amazon S3 encrypts by default and The CircleCI Breach

Cloud Security News this week 14 Jan 2023 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) In...

14 Jan 20236min

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

New Cloud Vulnerability Database + Another Misconfigured S3 Bucket

Cloud Security News this week 14 July 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) I...

14 Juli 20225min

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Dell Embraces Multi-cloud + Hackers use stolen OAuth

Cloud Security News this week 11 May 2022 Brought to you this week by JupiterOne To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

11 Maj 20226min

AWS Security Hub releases 5 new controls + Latest with Spring4shell

AWS Security Hub releases 5 new controls + Latest with Spring4shell

Cloud Security News this week 12 April 2022 Brought to you this week by Teleport To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - C...

13 Apr 20225min

What is Spring4shell? + Should we be concerned?

What is Spring4shell? + Should we be concerned?

Cloud Security News this week 30 March 2022 To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) ...

7 Apr 20224min

Latest with Okta/Lapsus$ + Return of Log4J

Latest with Okta/Lapsus$ + Return of Log4J

Cloud Security News this week 30 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp To read more about this week's stories head to https://cloudsecuritypodcast...

30 Mars 20226min

All you need to know about the Okta and Microsoft breach

All you need to know about the Okta and Microsoft breach

Cloud Security News this week 23 March 2022 Brought you by - JupiterOne - Find out more about them at www.jupiterone.com/csp - Hunters - Find out more about them at www.hunters.ai To read more about t...

23 Mars 20225min

Populärt inom Politik & nyheter

aftonbladet-krim
svenska-fall
tv4-nyheterna-story
p3-krim
rss-krimstad
motiv
de-fyras-gang
spar
flashback-forever
aftonbladet-daily
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
rss-flodet
rss-vad-fan-hande
politiken
rss-frandfors-horna
krimmagasinet
kungligt
svd-dokumentara-berattelser-2