With rapid increase in adoption of Kubernetes the number of workloads deployed across the enterprise is increasing exponentially. This has led to looking at security with a completely new focus.

- What does it to mean when someone says "we need to secure our workloads"?
- How does an organization ensure that every workload deployed in a cluster has its own identity and that identity is used for mutually authenticating to other workloads?
- How can these workloads be tied to organization's security policies that are managed by the PKI team?
- How can security team build an enterprise security posture that adheres to the compliance models defined within the enterprise?

This talk will give security professionals the ability to define a set a services that can be easily adopted by the platform teams that operate and run Kubernetes.

Specifically, this talk will walk through how to setup workloads deployed in a cluster to utilize organization's CA (Certificate Authority) infrastructure to sign workloads using cert-manager and utilize SPIFFE as a standard way to issue SPIFFE SVIDS.