• Cloud Native Runtime Security with Falco

    Business Pôle

    For this new meetup, Lorenzo David from Sysdig will present Falco, a container security project currently living in the CNCF's sandbox. --- ABSTRACT In any Cloud Native architecture, there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity. In this talk, we will cover the design principles and architecture of Falco, an open source container native runtime security engine, capable to ingest the host system calls event stream, as well as application metrics and Kubernetes audit events. We will also show how to create Falco rules to detect behaviors for these heterogeneous event streams, and how to extend Falco for additional custom events sources. Attendees will gain a deep understanding of Falco’s architecture, and its use cases for runtime container security. --- SPEAKER BIO Lorenzo is a Senior Software Engineer at Sysdig, where he help defining, architecting and developing the Sysdig Secure portfolio. Prior to Sysdig, he worked in the Software Defined Networking space, as core engineer of the Next-Gen VMware NSX Firewall. He has double degree M.S. in Computer Science from the Polytechnic University of Turin and EURECOM/Telecom ParisTech. --- Thanks a lot to JobOpportunIT (https://www.jobopportunit.com/) for offering the pizzas and beverages to the participants.

    1
  • (1) Kubernetes Extensions and (2) Pod Anomaly Detection

    Amadeus (Auditorium Mistral)

    This meetup session will be divided into 2 presentations: 1- Kubernetes Extensions: Kubernetes provides the ability to extend the platform. This Presentation will cover 4 of its main features. We will go through their properties and how they can influence the core kubernetes behaviors, with some use-cases and their future releases' roadmaps. 2- Pod Anomaly Detection: In the first part of the presentation, we will review the existing methods to mitigate problems introduced by failing pods in a Kubernetes cluster. The second part will focus on a new automated mean of dealing with problems in an orchestrated way, taking advantage of your technical or functional monitoring. Come and discover how the "Pod Anomaly Detection" can help you to implement a kind of circuit breaker on top of Kubernetes concepts. --- Be sure to have your identity papers with you in case it is requested by Amadeus security.

    8
  • Monitorer votre système et vos applications avec Prometheus

    Amadeus (Auditorium Mistral)

    • What we'll do La transformation de notre industrie vers des systèmes de plus en plus distribués a fortement bousculé la façon d’opérer nos applications. L’activité de “monitoring” n’est pas épargnée par ces changements: Où chercher les métriques dans notre “cloud”? Comment collecter efficacement (performance & coût) des données sur des applications polyglottes et souvent conteneurisées? Comment intégrer dans la même stack de monitoring et d’alerting nos nouvelles et anciennes applications? Prometheus promet entre autre de répondre à ces questions; venez découvrir cette solution open-source, supportée par la CNCF (Cloud Native Computing Foundation - Linux Foundation), qui en à peine plus de deux ans a réussi à devenir un acteur majeur du monitoring des systèmes distribués. Venez découvrir Prometheus (présentation et démo) et partager vos intérogations et expériences sur ce sujet. • Agenda - “Prometheus, a new actor in the monitoring world”, Cédric Lamorinère, David Benque, Amadeus - Running Prometheus in production- Mathieu Bono (www.ricardo.ch) - Performance tests platform with Prometheus - Francois Remi (Amadeus) - “Prometheus is the future of monitoring” - Johann Grauzam (Amadeus) What to bring Il est important d'être inscrit et avoir une pièce d'identité pour accéder au site. • Important to know La présentation sera en Français ou en Anglais en fonction des participants. Presentation: https://docs.google.com/presentation/d/1uqiGwtBsLp1NbtW-ByGCR9rh8ZYp3NoatcXBiX0uxnA/edit#slide=id.g328b5dc653_0_154 Github: https://github.com/dbenque/prometheus-instrumentation-demo

    17