
Thomas Labarussias
Senior Developer Advocate
Bordeaux, France
I'm a Senior Developer Advocate at Sysdig, the company which created and open-sourced Falco, the Cloud Native Security Runtime Engine for Kubernetes. I worked for a modern bank for SMEs and freelancers, where I managed their Kubernetes clusters. I also spent many years assisting pure players and e-business companies at a large managed service provider, as an AWS expert and FinOps. I'm one of the longest tenured members of the Falco community, and creator of Falcosidekick and Falco Talon.
Harnessing FalcoSidekick for Observability and Introspection in Kubernetes
Join us for an insightful exploration of real-time security events in Kubernetes using FalcoSidekick. Dive into the intricacies of how Falco, an open-source runtime security project, adeptly detects indicators of compromise related to mining incidents. We'll unravel the complexity of threat detection, showcasing FalcoSidekick's unique approach to visualising and responding to security threats promptly. During the session, we'll place the spotlight on FalcoSidekick, a powerful open-source companion tool that elevates observability and introspection capabilities for Falco. Experience firsthand how FalcoSidekick populates security events in real-time within a dynamic web user interface, providing a comprehensive view of potential risks. Discover the tool's ability to generate volumetric dashboards, enriched with tagged context from the MITRE ATT&CK framework. This context empowers security teams to interpret security incidents with precision and agility.
Closing the Loop: Applying Least Privilege and Ensuring We Did It Well
According to OWASP, insecure workload configuration is the top security problem in Kubernetes. With the shift to Platform engineering, minimizing the attack surface of our Kubernetes clusters becomes even more critical.
This talk will cover the Principle of Least Privilege and how it can be applied to balance robust security and a good experience for users and administrators. Moreover, we'll see how to use Falco to observe if we did well and detect suspicious events that may happen in our clusters anyway.
Join us to discover how the Principle of Least Privilege, Falco and observability empower you to safeguard your Kubernetes ecosystem without making yourself and your users suffer.
Help us Help Users Secure Cloud, Container, and Kubernetes with Falco
Come help us improve Falco!
Falco is a CNCF project that helps users secure the cloud, container, and Kubernetes by providing real-time detection and alerting of suspicious activities. Think of it as a security camera for your computing environment.
In this session we’ll review how to get started with Falco including an overview of Falco's architecture, project structure, contribution guidelines, and development environments. We will also review top issues and bugs to identify areas where you can begin your participation. And, if the stars align, we might even do some collaborative coding.
There are many ways to get involved so whether your expertise lies in docs, front-end, kernel or eBPF development, or almost anything else you could think of, we welcome you to join us!
Enhanced Security for multi-tenant architectures: Key components and best practices
As Kubernetes becomes the backbone of modern infrastructure, securing multi-tenant clusters becomes a top priority for platform engineering teams. In this talk, we will delve into the realm of Zero-Trust architecture, exploring how it can bolster security measures and mitigate lateral surface attack risks within multi-tenant environments. We'll showcase best practices and practical guidance for implementing a robust Zero-Trust model, including access control through Paralus, network policy-based isolation, and runtime security mechanisms through Falco. Join us to gain valuable insights, real-life examples, and step-by-step strategies to fortify your multi-tenant Kubernetes clusters against potential threats and breaches. Let's elevate the security standards of our clusters together and foster a safer cloud-native ecosystem.
Detecting and Responding to Threats Against Your Kubernetes Cluster with Falco
Falco, the security system built for production, provides ways to detect all threats within your Kubernetes cluster by analyzing "syscalls" in real time. With its new "plugins" system, the possibilities become endless: any event stream can be passed to its rules engine to raise alerts. In recent months, the community around Falco has also described multiple ways to build a "response engine"; it is no longer just about being notified of security events but about reacting to them.
