Securing your containers. Kubernetes, AWS ESC Fargate and AWS EKS

Hi all,
I guess all the good resolutions about investing more time in security haven't faded into the background yet. To keep it so, https://www.meetup.com/amsterdam-secure-software-development-meetup and Cloud Security Meetup Amsterdam are starting the year with an event focused on Container Security.

Schedule
17:30 Doors open, food and drinks
18:00 Tapas
18:30 AWS ECS Fargate - Darko Klincharski
19:30 Practical Guide to Kubernetes Security for Developers 🚀 - Madhu Akula
20:30 Chats and some more drinks
21:00 Closing doors
AWS ECS Fargate
AWS ECS Fargate. Can you run more than online mozarella shops on it? In this short talk I'll try to outline some of the differences between ECS and EKS (K8S), and share some tips and tricks on how to get the most value out of ECS Fargate. Topics that we'll cover:
• Setup
• Security
• Scalability

Darko Klincharski
Legend has it that 10 years ago through the mystical power of laziness Darko discovered automation. Laziness leads to automation, automation to DevOps. A decade long quest through the labyrinth of DevOps knowledge and scrolls, has imbued Darko the gift of DevOps indoctrination. Now he travels the world (in between releases) finding other people who are wise in the ways of DevOps and shares knowledge (and beers) with them.

Practical Guide to Kubernetes Security for Developers
Kubernetes become the defacto for deploying and managing applications from startups to enterprises. This means most developers start writing their application code, package them into containers and deploy them into clusters to serve the customers. But if you look at typical day-to-day development and operations from local development to production deployment, we perform a ton of things that can be potentially insecure patterns. As we use modern tools, and technologies we tend to forget to secure them while building and serving our customers. In this talk, we will see how we can secure Kubernetes workflows and how we can automate these security checks and validate them to identify potential security risks before deploying our applications and code into production.
Madhu Akula will be using Kubernetes Goat, an interactive Kubernetes security learning playground in this talk to demonstrate some security concerns and fix them live 🚀

Madhu Akula
Madhu Akula is a pragmatic security leader, currently works on product security, and cloud native security areas. Created multiple OSS projects including Kubernetes Goat, Hacker Container, tldr.run, etc. Madhu frequently speak & train at events and conferences like DEFCON, Black Hat, SANS, USENIX, OWASP, Nullcon, All Day DevOps, DevSecCon, null, and many others around the globe. My research has found 200+ vulnerabilities in products, and organizations including Google, Microsoft, AT&T, NTOP, Adobe, WordPress, Gitlab, etc. Published author of Security Automation with Ansible2, also a technical reviewer for books, conferences, etc. Contributes to communities like All Day DevOps, null, AWS, OWASP, etc. Also advise startups on building great products, communities, and adding value.