16 - 17 April 2024 | Alte Kaserne Winterthur
Senior Golang Engineer
I thrive on challenges and actively seek projects that push me beyond my comfort zone, allowing me to expand my knowledge and skill set. The continuous pursuit of learning new languages and development techniques is not only a personal passion but also a commitment to contributing to the success of the organizations I work with.
In the last three years, I transitioned into the role of a DevOps Engineer to deepen my understanding of the Kubernetes Administration ecosystem. This experience has provided me with valuable insights into the intricacies of managing Kubernetes, reinforcing my expertise in orchestrating containerized applications. Currently, I have returned to my role as a Senior Golang Engineer, combining my extensive software engineering background with newfound insights from the DevOps domain to deliver robust and scalable solutions.
Securing Kubernetes: OWASP Best Practices, CI/CD Integration, and Tools
Room: “Gesang” / 2nd floor
An engaging session that delves deep into the world of securing Kubernetes (K8s) clusters through the lens of Open Web Application Security Project (OWASP) best practices. In this comprehensive talk, we will guide you through a structured agenda that covers essential aspects of Kubernetes security, providing practical insights and actionable strategies.
The session kicks off with an introduction to Kubernetes security challenges, setting the stage for understanding why securing K8s clusters is paramount in today’s dynamic threat landscape. We will then navigate through OWASP’s best practices tailored for Kubernetes environments, shedding light on key guidelines to fortify your containerized applications.
Moving into the practical realm, the agenda unfolds to reveal a well-defined workflow for Kubernetes security. Attendees will learn how to seamlessly integrate security practices into their development and deployment lifecycle, striking a balance between speed and security. The discussion will extend into CI/CD integration, showcasing the implementation of automated security testing within pipelines, ensuring continuous security validation.
An integral part of the session is the exploration of cutting-edge tools designed for securing Kubernetes. Live demonstrations will provide a hands-on understanding of tools for vulnerability scanning, runtime protection, and policy enforcement, helping attendees make informed decisions based on their specific needs.
Real-world case studies will illuminate success stories and lessons learned, offering valuable insights into overcoming challenges in Kubernetes security.
Whether you’re a developer, DevOps engineer, or security professional, this session is your gateway to enhancing the security posture of your Kubernetes deployments, guided by OWASP best practices.
Prerequisites for this workshop: