Bringing together developers and operations people united in a common goal: destroy silos and remove obstacle to deploy and maintain awesome software and reliable infrastructures. Monitoring, continuous integration, packaging and automated deployment will all be covered. It's going to be fun too!
Welcome to the world of tomorrow!
We are kicking off 2019 with a champagne-fueled (disclaimer: I'm not sure there will be actual champagne) meetup to celebrate that DevOps has been around for 10 years (it'll be 10 years as of October 2019, but we're starting the party early).
Our first meetup will take place at Schuberg Philis and will have two talks on Kubernetes. The location can be a bit out of the way if you're using public transportation so feel free to carpool with someone or send me a message if you want to drive with me (Thomas). Public transportation link: https://9292.nl/?van=&naar=schiphol-rijk_boeingavenue-271&searchType=aankomst&date=2019-01-29&time=19%3A00
*Please note that the entrance to this meetup will be Schuberg Philis' security entrance approximately 100m from main reception*
18:30 - 🚪Doors open
19:00 - 🍽🍷Food is served
20:00 - 🎤Talk #1
20:45 - 🚽Break
21:00 - 🎤Talk #2
21:45 - 🍻BeerOps
We hope to see all of you there!
🎤 Andreas Lambrecht
Information Security departments often view containers as challenging to manage (code moves too fast for risk analysis, thousands of containers with limited visibility or control). Government organizations such as NIST have published guidelines for Application Container Security, while serverless technologies such as Azure Container Instances or AWS Fargate create additional challenges regarding how security risks are managed.
In this presentation we will look at these challenges and demonstrate how security controls can be continuously embedded into the application lifecycle.
🎤 Andy Repton - All your Kube are belong to us
As containers become more prevalent in our technology landscapes, container security has likewise increased in importance. However, our containers don’t just run independently, we use container orchestration systems like Kubernetes to run them at scale and in production. In shared clusters, it is critical to ensure proper authentication, authorization and pod security best practices. Recently, CVE[masked] demonstrated the first major vulnerability in the popular orchestration platform. Using a demonstration, we’ll take a look together at the two versions of this vulnerability and discuss how they work. In addition, I’ll show some other ways to gather privileged information from inside a Kubernetes cluster and how to fix them.