Chad M. Crowell
Platform Engineer at Civo, CNCF Ambassador, Speaker, and Author
Austin, Texas, United States
Actions
Chad is a CNCF Ambassador and Platform Engineer at Civo. Chad is the author of the book "Acing the Certified Kubernetes Administrator Exam." Chad also enjoys teaching Kubernetes in the small community-led group KubeSkills.
Area of Expertise
Topics
API-Driven Linux & Kubernetes Node Management
Talos Linux distinguishes itself by its immutable, minimalist design and integration with Kubernetes through API-driven management. This makes it well-suited for environments where security, scalability, and operational simplicity are paramount, such as Kubernetes clusters running in production environments.
In this talk, Andrew Rynhard, Founder & CTO of Sidero Labs, will walk us through Talos, a revolutionary Linux Operating system specifically designed for Kubernetes with security and simplicity in mind.
Debug Like a Pro: Ephemeral Containers and Wolfi Linux in Action
As the complexity of your Kubernetes environments grows, so does the complexity of debugging all that complexity. Developers face issues such as replicating the environments locally to test features and/or bugs properly. Developers also face the problem of debugging packages and package dependencies, as images are sometimes sourced from an entire Linux operating system like Ubuntu. Lastly, when multiple environments use non-essential components, tracking the root cause and debugging the configuration drift between environments becomes a nightmare. Not to mention storage and network bandwidth costs, which are notoriously high in cloud environments.
Minimalistic images enhance the development and operational aspects of software projects for developers. They enable more efficient, secure, and reliable software delivery, particularly in agile and DevOps environments where speed and security are paramount. Ephemeral containers are designed to be short-lived and are often used for specific tasks like debugging or running temporary jobs. When combined with minimalistic images, the result is a highly efficient, focused, and secure environment.
In this talk, we aim to identify the operational cost of using bloated images and offer a better path forward for increased efficiency, security, and maintenance in the context of debugging and error resolution. This ultimately leads to operational bliss, allowing the developer to focus on pushing features and increasing productivity.
ML-based API & Web App Security for Kubernetes
Kubernetes is the de facto operating system of the cloud. This presents a more significant threat target, but most companies running their workloads on Kubernetes don't take a security-first approach. Threats, including zero-day attacks and the OWASP-Top-10, are on the rise. In this talk, we'll discuss how Web Application Firewalls (WAF) work and walk through some options in Kubernetes Ingress, NGINX, and API Gateways that can improve security. Also, how to use machine learning to prevent attacks and provide preemptive web app & API threat protection.
Top 5 Success Factors for Cloud-Native Enablement and Common Pitfalls to Avoid
Training is increasingly important to tech workers (as shown in the 2023 State of Tech Talent Report). Still, many employees, especially those starting, struggle due to a lack of necessary resources and difficulty finding a mentor. In addition to the time dedicated to their continued education, tech workers need community. They can find immense value in looking outside of their organization and joining a professional learning community. We aim to provide that evidence in this talk and stories from the community.
In this talk, we will identify the top five elements of success for those who have joined a professional learning community and provide anecdotal evidence of successful outcomes. These topics include support and mentorship, interactivity of learning resources, learning relative to the job market, focusing on real-world projects and current industry challenges rather than outdated skills, and validating through certification.
Watching the Watchers: The Hidden Risks of Container Scanning Tools
As organizations increasingly utilize container images for their production workloads, securing them becomes more critical. What happens if the vulnerability scanners used to scan these images contain vulnerabilities themselves? This talk will explore the hidden risks associated with container vulnerability scanning tools and how to mitigate these potential threats.
Container vulnerability scanning tools, like any other software, can have vulnerabilities. If not regularly updated and patched, they can become targets for attackers who exploit these weaknesses to compromise critical systems. Also, these tools often require elevated privileges, leading to misuse or unauthorized access, posing significant security risks.
After this session, you'll learn:
- False positives and false negatives
- Identifying dependency issues
- Strategies for isolation and segmentation
- Secure configurations
- Managing permissions and access
- Applying defense-in-depth strategies
Chad M. Crowell
Platform Engineer at Civo, CNCF Ambassador, Speaker, and Author
Austin, Texas, United States
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top