OWASP Aarhus Chapter Meeting - June

Notice, that this is a physical event and that Eficode will be hosting it. By signing up, you accept that OWASP Aarhus may hand over a list of participants to Eficode for the sole purpose of hosting this event.
19:00 - 19:30
"Welcome, Food and Drinks" by Eficode and OWASP Chapter Aarhus
19:30 - 20:15
“Practical Implementation of Least-Privilege with RBAC and Threat Modelling in K8s” by Nicolaj Græsholt, senior consultant and trainer at Eficode

About the presentation:
Join Nicolaj for an incredibly brief introduction to Kubernetes, the Principle of Least Privilege (PoLP) and Threat Modelling before we deep-dive into Role-Based Access Control (RBAC), and what it means in terms of everyone’s favourite container orchestrator. Finally, we’ll look at “alternatives;” do our developers even need access to Kubernetes? Do we even need RBAC? The presentation will include practical examples with self-hosted and managed K8s, and a Git repository the viewers can bring home afterwards!
About Nicolaj
Nicolaj Græsholt is a senior consultant and trainer at Eficode where he helps organizations with all things CI/CD, Artifact Management, Git, Docker and Kubernetes. He has previously worked as a Consultant Software Developer and has a Master’s degree in Cryptography from Aarhus University. In his spare time he enjoys video-games, gardening, cold beer and experimenting with Kubernetes to test the limits of Container Orchestration.
20:30 - 21:15
"Kubernetes networking - How to securely tie your services together" by
Anders Ingemann, operations manager at Orbit Online
About the presentation:
The Kubernetes container networking landscape has evolved rapidly since its inception. We will explore how CNI plugins have enabled operators to transparently tie services together in a secure manner at the semantic level.
About Anders:
Anders is the operations manager at Orbit Online. Using Kubernetes he has introduced observability into the entire software stack of the Orbit platform while converting it from a monolith to a containerized microservice architecture. He is responsible for operational security and infrastructure development at Orbit. Beyond that Anders enjoys bouldering, competitive ballroom dancing, and dabbling in the dark arts of mixology.
21:15 - 21:30
Goodbyes and plans going forward by OWASP Chapter Aarhus