Container Runtime Security with Falco // Managing Flatcar updates with Nebraska

Cloud Native Computing Berlin
Cloud Native Computing Berlin
Public group

Kinvolk GmbH

Adalbertstraße 6a · Berlin

How to find us

Next to Cosmoveda, 4th floor

Location image of event venue

Details

Cloud Native Computing Meetup Berlin is happy to host Chris Kranz who will talk about container runtime security with Falco and the by Kinvolk's Iago López Galeiras and Joaquim Rocha who will talk about managing Flatcar updates with Nebraska.

Food and drinks will be sponsored by CNCF & space will be provided by Kinvolk.

---------------------------------------------

SCHEDULE:

[18:30- 19:00] Arrive and mingle

[19:00 - 19:45] Chris Kranz, “Container Runtime Security with Falco"

[20:00 - 20:45] Iago López Galeiras and Joaquim Rocha, "Managing Flatcar updates with Nebraska"

[20:45 - 21:00] Mingle time

---------------------------------------------

TALK DETAILS:

“Container Runtime Security with Falco”, Chris Kranz
Abstract: Host intrusion detection (HID) has been around for some time. What if we rethought the problems HID solves in the context of Cloud Native platforms? What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, we’ll present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally we will show how Falco can trigger functions to stop abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security & incident response.

"Managing Flatcar updates with Nebraska", Iago López Galeiras and Joaquim Rocha
Abstract: Last year we announced Flatcar Linux (our fork of Container Linux) and we've been following upstream ever since. This talk will present the current status of Flatcar Linux, including how Kinvolk is now managing the distribution and builds independently of upstream CoreOS Container Linux. We'll also be introducing and open sourcing (on stage!) our project to manage updates for a Flatcar Linux fleet.

---------------------------------------------

SPEAKER BIOS:

Chris Kranz, SE Manager for EMEA at Sysdig - Awesomer is totally a word! I love this industry because it's constantly innovating and changing, which means I need to help those I work with to stay at their best. At Sysdig we spend our days making sure our customers can get the best out of their Kubernetes, OpenShift, GKE, EKS, etc. container environments and support applications securely and confidently in production use.

Iago López Galeiras, CTO and founder at Kinvolk - Iago brought his relaxed Spanish demeanor to Berlin a few years back. Since then, he’s been diving and swimming around the internals of various Linux flavors; Android, embedded and Cloud. He’s a top contributor to the rkt project and for the past year he was pushing the limits of eBPF to get runtime statistics. Although he once got distracted by functional programming, his daily tasks see him working mainly in Go and C.

Joaquim Rocha, Software Engineer / Contractor at Kinvolk - For the past 10 years Joaquim has worked in projects of different sizes and technologies, mostly involving the GNU/Linux operating system and other important Open Source projects such as GNOME. Apart from coding, he has also participated as a speaker in a number of important conferences related to Free Software, like FOSDEM or GUADEC.