Climbing High with Anaïs Urlichs

Get ready to scale the heights of cloud native security!
This month we'll be talking Secrets Scanning with Jono Powell and our main event will explore the state of DevSecOps today with CNCF Ambassador, Anaïs Urlichs. Join us in Liverpool Street for a discussion about what the industry's attitude to security has in common with the sport of climbing.

Agenda:
18:00 - Doors open
18:15 - Intros
18:30 - Lightning Talk - Jono Powell
19:00 - Main Event - Anaïs Ulrichs
Followed by a trip to the nearest pub for a chat

Main Talk Abstract:
Security-specific tools are often overlooked until it becomes a requirement, necessity or things have gone terribly wrong. While many organisations will build a security team to address related issues, smaller organisations and individual contributors do not have this option. This talk is divided into two sections. In the first section of the evening, Anaïs will share the similarities between climbing and the importance of establishing a security-centric mindset. What happens if we do not have security specialists supporting our team? Free-climbing might be an option for experts with years of experience but not for most cluster admins.

The second part of the talk will go over security-specific tools in the cloud native ecosystem. We will highlight the different tools available, how and when they are used, as well as emerging technologies in the security space. Anaïs will showcase how we can get started and the benefits of integrating cloud native security tools, such as Trivy and Cilium, into our existing processes and monitoring stack. The goal is to provide Kubernetes cluster admins and engineers with the tools and knowledge to take ownership of securing their resources without having to become security experts.

Speaker bios:
Jono Powell:
Senior Consultant at Contino; I am involved in Azure, GCP and Security Practice. Most recently I've been developing landing zone infrastructure pipelines in Azure DevOps, and completing my Google Certified Cloud Security Practitioner certification.

I worked briefly in as a site reliability engineer for LivePerson. Before that I was a 10 year veteran working for Microsoft on healthcare projects, and 10 years working for Getty Images in a variety of network management and digital workflow management roles.
I started my career working for ICL Retail systems on point of sale terminal software in C++.

Anaïs Ulrichs
Anaïs is a Developer Advocate at Aqua Security, where she contributes to Aqua’s cloud native open source projects. When she is not advocating DevOps best practices, she runs her own YouTube Channel centered around cloud native technologies. Before joining Aqua, Anaïs worked as SRE at Civo, a cloud native service provider, where she helped enhance the infrastructure for hundreds of tenant clusters. As a CNCF ambassador of the year 2021, her passion lies in making tools and platforms more accessible to developers and community members.