Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Cloud Foundry & K8s Integrations & Experiments [clear filter]
Tuesday, May 1

09:15 BST

What's so hard about vulnerability scanning? - Liz Rice, Aqua Security
A dive into what's easy - and what's not so easy - about finding and patching security vulnerabilities in droplets and containers

When a vulnerability, like the recent Meltdown, gets disclosed, the race is on to patch your code - and in a containerized deployment like PCF or PKS, you may have many thousands of instances that need updating. Typically, organizations use an image scanner to identify affected droplets or containers.

At first glance vulnerability scanning seems as though it should be a simple matter of cross-referencing a list of software packages with a list of known vulnerabilities, such as the National Vulnerability Database. This talk dives into why identifying vulnerabilities is a harder problem than you might at first imagine. We'll cover questions such as:

 * How does droplet scanning work?

 * Why does your Linux distribution(s) matter for vulnerability detection?

 * What's the difference between detecting vulnerabilities and malware?

There will be examples of false positives, how they get generated and what you can do about them.

If you have ever wondered how image scanners work, or if you're concerned about keeping your droplets and containers up-to-date with the latest patches, this talk is for you. 

avatar for Liz Rice

Liz Rice

VP Open Source Engineering, Aqua Security
Liz Rice is VP Open Source Engineering with cloud native security specialists Aqua Security. She is chair of the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of Container Security, published by O'Reilly. She has... Read More →

Tuesday May 1, 2018 09:15 - 09:45 BST

11:45 BST

Building Developer Pipelines with Kubernetes, Harbor, and Concourse - Thomas Kraus & Merlin Glynn, VMware
Today's developer needs to rapidly build and deploy code in a consistent, predictable, and declarative manner. This session will illustrate how companies can leverage Kubernetes, Harbor, Clair, and Concourse to achieve these goals. The session will provide a  solution for developing, building, and deploying applications using Kubernetes, Concourse, Harbor and Clair and Notary. A brief review of each of the technologies being discussed will be provided. The session will include a proposed end to end solution leveraging all of these technologies to provide a better development experience. A sample Go application will be used to illustrate an automated build process that will succeed or fail based on security scans of the underlying base Golang Docker image. The resulting Kubernetes application will only be run in the cluster if the CVE scans are under a configured threshold and the resulting Docker Image is signed by Harbor.  The session will conclude with a demonstration illustrating the unique capabilities of this type of workflow to initially build and then update an Application running on PKS and Kubernetes.


Thomas Kraus

Thomas is a Principal Technical Product Manager in VMwares Cloud Native Apps Business Unit where he works on modern application architectures and containers focusing on Kubernetes and Big Data. Thomas comes from Mesosphere where he was a Managing Principal Architect helping Enterprise... Read More →
avatar for Merlin Glynn

Merlin Glynn

Sr Technical Partner Manager,  VMware
Merlin Glynn is a Product Manager at VMware, where he builds products that help customers architect and deploy cloud-native applications. Merlin has been building complex environments as an architect for over 20 years, focusing on solutions for large enterprises and the academic and... Read More →

Tuesday May 1, 2018 11:45 - 12:15 BST

16:40 BST

Closing Remarks - Swarna Podila, Cloud Foundry
avatar for Swarna Podila

Swarna Podila

Sr. Director, Community, Cloud Foundry Foundation
Swarna leads community efforts at the Cloud Foundry Foundation, fostering collaboration and promoting kindness. Prioritizing people over technology, she focuses on finding and amplifying the untold stories and lesser-known innovations of the people who comprise the Cloud Foundry community... Read More →

Tuesday May 1, 2018 16:40 - 17:10 BST