Harshita Varma
Associate Product Manager
Actions
Harshita Varma is a contributor to the Kubernetes project, actively involved in the SIG Contributor Experience community, with a focus on enhancing the contributor journey. She began her open-source journey by contributing to the Thanos project, sparking her passion for open source. In March 2022, she was selected as an LFX mentee for Kubernetes under the CNCF. Since then, Harshita has significantly contributed to Kubernetes, earning the prestigious Dan Kohn Scholarship to attend KubeCon EU 2023 in Amsterdam as an attendee. Currently, she continues to engage with the open-source ecosystem, fostering collaboration and inclusivity within the Kubernetes community.
Area of Expertise
Topics
Invisible Shields: Runtime Security and Virtual Patching in Kubernetes
Traditional patch management is insufficient for mitigating rapidly evolving threats in dynamic Kubernetes environments, where zero-day vulnerabilities can be exploited before official patches are available. This session presents a technical exploration of virtual patching—deploying runtime security controls at the kernel level to intercept and neutralize exploits without modifying application code or requiring downtime. Leveraging open source solutions such as KubeArmor, which utilizes eBPF and Linux Security Modules (LSM) for inline mitigation, and Kyverno for declarative policy enforcement, this talk demonstrates the orchestration of layered security policies that provide defense-in-depth against advanced threats. Attendees will see how to implement granular process, file, and network access controls, automate vulnerability detection and response workflows, and integrate virtual patching into CI/CD pipelines for continuous protection. Real-world use cases will illustrate how these controls block exploitation vectors in real time, ensuring workload integrity while maintaining operational agility
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top