Kubernetes Hashicorp Rancher AquaSec
Melbourne, Victoria, Australia
Kelly is a Senior Cloud Architect that focuses helping customers move and adopt cloud services. He is part of the CNCF Speakers Bureau and regularly speaks about various Security, Kubernetes and Cloud Security meetups throughout Australia. As well as Meetups, Kelly has presented on various topics at DevOps days in Australia and New Zealand. When not speaking or helping Customers, Kelly spends his time exploring the great outdoors searching for various hiking trails and small mountain climbs.
In this session we will leverage Consul to provide a mechanism of service discovery and ensure service discovery is productionized
In this session we will start with go through, at a high level, what service discovery is and why it's useful. This will be a high level session to give a complete overview of service discovery and a use case to highlight the benefits.
For this talk we will go through all the required steps to automate a deployment of Vault including Consul via Terraform. Plus we will utilise the Terraform providers for Vault to customize.
In this session we will leverage Vault to dynamically inject secrets Kubernetes. We will first discuss Kubernetes secrets 101 and then highlight how Vault can be used to bolster your secrets management.
In this session we will dive into the Vault Agent and how it can help not only protect Vault, but also reduce the impact your Applications can have.
In this session we will go through who OWASP Foundation is and how to best use the practical information found within. There are various OWASP tools that can be beneficial for every organisation so will go through some of the most useful, why they are important and how to navigate them through your Organisation.
Come and join us to discuss how containers improve security, a high-level threat model of containers and orchestration, and tips for enhancing security as you role out containers and Kubernetes. As DevOps teams deploy Kubernetes in production, enterprises must focus on the runtime security and compliance requirements of their cloud-native platforms. We will look at self-assessment and hardening guides to outline provisioning a cluster to comply with the CIS Kubernetes benchmark as well as identifying gaps and pain points in the process.
Thought this was a conference and not a baking session - well it's sort of the same. In this session we will compare baking a Blueberry Muffin and Application Security. We will look at three different pillars of Application Security - Protect, Detect, Respond and what happens when you forget to add Blueberries to your muffins.
You will walk away with a proven framework and approach to the three pillars of Application Security and a few laughs.