A cybersecurity incident in a manufacturing environment exposed gaps that were uncomfortable but common: production workloads were mutable, configuration drift went unnoticed, and critical systems could be changed without any guarantees.
This session focuses on how those specific failures were addressed using policy-as-code. Using Kyverno, we show how enforceable guardrails were introduced to prevent unauthorized configuration changes, block untrusted workloads, and make drift immediately visible across production and business-critical systems.
Rather than presenting a broad security or compliance framework, this talk dives into a small set of concrete policies that directly map to incident learnings. We cover what was locked down, what was intentionally left flexible, and the trade-offs required to avoid slowing teams during recovery.
Attendees will leave with practical patterns for converting post-incident lessons into preventative controls using Kubernetes-native policy enforcement.