Cloud Native Bergen is pleased to announce the August meetup of 2025🎉
We're moving to Cloud Native Bergen Community Group page at CNCF as our main platform - please join the group and RSVP there🙏
(CNCF RSVP Link)
We are back after the summer holidays with pizzas, drinks and a new line up of 3 talks. Two security related talks and one about Robusta's HolmesGPT. We will also celebrate cTENcf2 (https://www.cncf.io/ctencf-regional-events/) by gathering in this event and talk about what we love working with.
Please use the CNCF RSVP Link!
### 16.30 - Food, Drinks and Social before the talks start.
### Ca. 17.00 Taming the Cloud-Native Attack Surface with Wiz
Speaker: Niek Khasuntsev
Description:
Security in a cloud-native world can be extremely challenging. Disconnected AppSec and cloud security tools lead to reactive, disjointed defenses that slow down development. This talk will show you how to bridge that gap with a unified approach to cloud-native security that links every stage of the lifecycle, from code to runtime.
We'll demonstrate how Wiz correlates risks across your code, CI/CD pipelines, and production environments. We'll show you how to link a vulnerability in a code repository or an IaC misconfiguration directly to its impact on the live cloud workloads. This context is key to building a cohesive security strategy that prioritizes the most critical risks and empowers teams to remediate faster, giving them a complete and actionable view of the security posture.
### Ca. 17.45 - Cloud Security Transformation - A comprehensive approach
Speaker: Olav Østbye
Description:
Moving from on-premise technology to the cloud forces a transformation of the entire organization, including security. Several companies have probably thought that this is something that will sort itself out, but many have likely experienced that these questions and challenges can be quite difficult to solve and answer—especially if this hasn’t been considered in advance and must be dealt with reactively.
In this presentation, I will cover the following:
- Strategy
- Organization of the security team
- Transformation of the people working in security
- Transformation of security controls and the ISMS
- Transformation of processes
- Prioritization, roadmap, and plan
Questions that will hopefully be answered as part of this presentation:
- What can you do to ensure that those working in security keep up with this journey?
- How should you organize those working in security, and what responsibilities should they have?
- How can you find out what knowledge employees have and what knowledge they need?
- Will the ISMS (Information Security Management Systems) and security controls you have for your on-premise environment work in the cloud?
- Which processes need to be changed and adapted?
- How should you prioritize when you have limited manpower and budget?
### Ca. 18.30 - HolmesGPT from Robusta helps Sparebanken Norge with troubleshooting kubernetes
Speaker: Andreas Thuen and Kristian Sørensen Stene
Description:
Did we get a new team member?
We aim to be finished with talks at around 19.00.
Those who want are more than welcome to gather in prefered bar after the meetup is finished to continue good discussions over a good drink 🍺
