Poonam Lamba
Product leadership, open-source enthusiast.
Actions
Poonam is a Product Manager at Google, where she leads Policy, Governance, and Compliance for GKE. An active contributor to the Kubernetes Policy Working Group and Gatekeeper project, she is passionate about open-source solutions. Outside of work, Poonam enjoys hiking, paddle boarding, and reading.
Area of Expertise
Shift Down Security! How Platform Teams Can Help Break the Logjam
Lets face it, the current approaches to security are not working. Centralized security teams are not the domain experts, and yet are tasked with securing highly dynamic cloud native environments. And, “Shift Left” just adds more burden to already busy developers, who may not have context or proper training in security best practices.
The emergence of platform engineering, along with cloud native best practices of codification and automation, offers a new way: automating security and compliance using cloud native policy as code!
In this session, Poonam and Jim will present both the security and operations teams perspective on adopting policy as code combined with cloud native best practices, to implement guardrails in the platform layer, so both developers and security teams can focus on what they do best.
Using OPA Gatekeeper to Enforce Policies Across Multiple Clusters: What Could Go Wrong?
Using OPA Gatekeeper to Enforce Policies Across Multiple Clusters: What Could Go Wrong? A number of things !!!
Inconsistency between clusters
Policy conflicts
Policy drift
Policy complexity
How do you avoid these and more to implement K8s policies using Gatekeeper
Policy-Based Kubernetes Governance, Risk, and Compliance
Kubernetes policies are a form of configuration management used to manage other configurations and runtime behaviors. Policies can help simplify security, and also serve as the building blocks for higher level business functions such as Governance, Risk, and Compliance (GRC).
In this panel session, members of the CNCF Policy Working Group will first discuss why Kubernetes requires policy management. Then they will present how policy management works at each phase of the cloud native lifecycle. Finally, they will discuss a policy-as-code based approach for addressing critical business functions of Governance, Risk, and Compliance. Such an approach can transform costly and tedious manual processes into automated and continuous processes with collaboration among various personas. This results in organizational efficiencies and cost-savings.
You will also learn about the Policy WG charter, activities, and how you can contribute to making Kubernetes secure and compliant.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top