Savitha Raghunathan
Senior Software Engineer
Actions
Savitha Raghunathan is a Senior Software Engineer at Red Hat, working on Container Migration and Application Modernization technologies. She leads K8s sig-security-documentation sub-project aiming to create security awareness through docs. As a maintainer of the Konveyor project, she leads the community engagement efforts, fostering collaboration and driving its continuous growth. Savitha's passion lies in nurturing the Open Source community, where she finds great joy in mentoring new contributors and empowering them to make significant contributions.
Butterfly Effect: What Kubernetes SIG Security Has in Flight
Kubernetes SIG Security continues to spread security across the cloud native field. Flutter in for updates about what we’ve been up to, featuring VEXing bugs, the perennial third-party audit coming back up, Security Self-Assessments emerging from dormancy to bloom again, (O)wasps, budding new contributors, and collaborating across SIGs to bee better together.
Everything we do as contributors has ripple effects outward. Security is everyone’s responsibility, and every one of us can make a difference.
What’s landing, and what’s taking flight? Come hear the buzz with us, and learn how you can get involved!
AI-Powered Cloud Native Modernization: From Real Challenges to Concrete Solutions
Modernizing legacy applications for the cloud native world is full of challenges, from technical to strategic. This panel doesn't just list the problems such as technical debt, migration risk, skill gaps, cost constraints, and infrastructure misalignment; we jump straight to the solutions. Panelists will share practical strategies for phased migration, emphasizing how these efforts pave the way for Kubernetes adoption. Our discussion will focus on critical questions like:
* How do you assess whether AI-enabled tools are right for preparing workloads for K8s vs manual refactoring?
* When leveraging AI for refactoring, what validation or human oversight processes are needed?
*How do we design a Cloud Native AI reference architecture that runs modernized apps and AI workloads on Kubernetes, and accelerates innovation and time-to-market for new AI capabilities?
Attendees will leave with a practical roadmap to adopt AI modernization tools that balance innovation with safety and oversight.
Navigate Cross SIG Collaborations with SIG Docs
As one of the largest open source projects, Kubernetes is divided into twenty-four Special Interest Groups (SIGs). All SIGs share a common goal of advancing the project, and collaboration across SIGs is required to do so. In this session, learn how SIG Docs collaborates with other SIGs on Kubernetes releases, improving Kubernetes security and driving Kubernetes adoption with documentation.
Stop Kubernetes' Revolving Door: A Hands-On Tutorial to Secure a Kubernetes Cluster
Out-of-the-box, upstream Kubernetes is not secure by default. This tutorial will walk through the official/upstream Kubernetes Security Checklist to set up a cluster securely.
The tutorial starts with an introduction to the critical security considerations for Kubernetes environments. Participants will then embark on a guided journey through practical exercises designed to implement security best practices within Kubernetes clusters.
Attendees will gain firsthand experience in aspects such as authentication, authorization, network policies, pod security, and more, providing participants with a comprehensive understanding of Kubernetes security principles and how to implement them. This will equip them with the knowledge and skills to effectively secure their clusters. Whether you're new to Kubernetes security or seeking to enhance your expertise, this tutorial offers valuable insights and hands-on experience to strengthen your Kubernetes clusters against potential threats.
The “Secret Sauce” to Your Digital Transformation: Build a Learning Community!
As the great Benjamin Franklin said, “Tell me and I forget, teach me and I may remember, involve me and I learn.” As business leaders and technical leaders driving digital transformation with open source technologies, building a learning culture within your organization will be your secret sauce (or competitive advantage). In this interactive presentation, we go through considerations Red Hat took when taking a community-first approach to our Kubernetes and Cloud Native learning community, Kube by Example (KBE). We’ll share the steps it took to build the community and how we found our customers, such as Ford Motor Company, adopting our “community-first” approach on their cloud native transformation journey.
Join us as we highlight these 3 takeaways when establishing a learning community for your organization to adopt an open source culture and drive digital transformation and some of the challenges to look out for:
Staying agnostic and highlighting the Kubernetes ecosystem
Keeping content open source, relevant, and accessible
Cross-functional participation to gather different perspectives is key
SIG Security: Unravelling the Kubernetes Security Audit Together
SIG Security takes a community-building approach to improving Kubernetes security, both for the project itself and for our end users. Join organizers Ala, Pushkar, Rey, and Savitha for an overview of SIG Security and timely updates from our Documentation, Self-assessments, and Tooling subprojects. You'll learn what's been going on, what’s next, and how you could join in.
Our Third-party Security Audit subproject will be a special focus. With 111 new Stable enhancements, Kubernetes has really matured since the previous audit in 2019! It takes teamwork to coordinate such a big audit, and we will share that process including the CFP, the audit itself, and internal review with the Security Response Committee. We will also share the vulnerabilities and recommended mitigations uncovered by the April 2023 audit.
SIG Security has something to learn and contribute for every experience level, from beginner to expert. We hope to see you there!
SIG Security Update: Securing Kubernetes through Code and Collaboration
SIG Security takes a community-building approach to improving Kubernetes security, both for the project itself and for end users. Join organizers Ala, Ian, Pushkar, and Savitha for an overview of SIG Security and updates from our Docs, Self-Assessments, and Third Party Audit subprojects. You'll learn what's been going on, what’s next, and how you can join in.
In this talk, we will focus on the Tooling subproject. Since its inception, this subproject has scanned a myriad of Kubernetes artifacts, finding vulnerabilities that need triage. We’ve also built an auto-refreshing CVE feed that is available in beta today. We will share how these tools are co-maintained in collaboration with other SIGs. Lastly, we will explore the upcoming improvements in these tools through VEX, OpenSSF OSV, and govulncheck, and share with the audience how they can contribute too.
SIG Security has something to learn and contribute for every experience level, from beginner to expert. We hope to see you there!
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top