Loading…
or to bookmark your favorites and sync them to your phone or calendar.
strong>DevSecOps (CloudX) [clear filter]
arrow_back View All Dates
Wednesday, November 6
 

10:30am PST

PRO SESSION (CloudX): Which Vault? Don’t Tell Me Your Secret(s)!
Wednesday November 6, 2024 10:30am - 10:55am PST
CloudX -- Stage 1
Michel Schildmeijer, SSC-ICT, Lead Technologist

Secret management is a crucial aspect of DevOps, as it involves the protection of sensitive data that is used by applications and services. Secrets can include API keys, credentials, tokens, certificates, and passwords that grant access to various resources and systems. If these secrets are compromised, attackers can exploit them to cause damage, steal information, or disrupt operations.
One of the challenges of secret management is how to securely store, distribute, and rotate secrets in a dynamic and distributed environment. Traditional methods of hard-coding secrets in configuration files or environment variables are not secure, scalable, or reliable. Moreover, secrets need to be updated frequently to comply with security policies and regulations, and to prevent unauthorized access.
To address these challenges, several tools and frameworks have been developed to provide secret management solutions for DevOps.
These tools can help DevOps teams to implement best practices for secret management.
Speakers
avatar for Michel Schildmeijer

Michel Schildmeijer

Lead Technologist, SSC-ICT
Michel started his career as a medical officer in the Royal Dutch Airforce, with a focus on pharma. After the air force, he continued in pharma, followed by time working in clinical pharmacology. While there, he transitioned to IT by learning UNIX and MUMPS, and developed a system... Read More →
Wednesday November 6, 2024 10:30am - 10:55am PST
CloudX -- Stage 1
  CloudX: DevOps Summit, DevSecOps

11:00am PST

PRO SESSION (CloudX): How We Implemented Zero Trust Security Using Cilium
Wednesday November 6, 2024 11:00am - 11:25am PST
CloudX -- Stage 1
Lakmal Warusawithana, WSO2, Technology Evangelist

Implementing a zero trust approach is essential for security, as it involves verifying and validating every request, irrespective of its origin or location.

In the initial implementation of Choreo, our internal Developer Platform as a Service, we faced challenges in controlling all network access and enforcing authentication, authorization, and seamless network traffic encryption at scale, which is vital for the Choreo cloud service. However, by employing Cilium, K8s, and a cell-based architecture, we were able to develop a scalable platform that upholds zero trust security principles.

The combination of Cilium's eBPF-powered layer 3, 4, and 7 network policies, Hubble Observability, IPSec security, and a cell-based architecture enabled us to address all the critical elements of a zero trust platform successfully.

In this talk, I will detail all the challenges we faced and the strategies we employed to overcome them.
Speakers
avatar for Lakmal Warusawithana

Lakmal Warusawithana

Technology Evangelist, WSO2
Lakmal Warusawithana is the Senior Director - Cloud Architecture of WSO2. Lakmal has a long history of working in open source, cloud, and DevOps technologies and has been Vice President of Apache Stratos PaaS Project. Lakmal has also presented at numerous events, including ApacheCon... Read More →
Wednesday November 6, 2024 11:00am - 11:25am PST
CloudX -- Stage 1
  CloudX: Cloud Architecture & Infrastructure, Cloud Security
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Monday, November 4
Tuesday, November 5
Wednesday, November 6
Thursday, November 7
Tuesday, November 12
Wednesday, November 13
Thursday, November 14
API World -- Expo Discovery Stage
API World -- Main Stage
API World -- OPEN Workshop Stage
API World -- Workshop Stage A
API World -- Workshop Stage B
API World -- Workshop Stage C
CloudX -- Expo Innovation Stage
CloudX -- Main Stage
CloudX -- Stage 1
Dev Innovation Summit -- Main Stage
Expo Hall
Leadership Lounge
RingCentral Events
Santa Clara Convention Center
Santa Clara Convention Center - Lobby
Santa Clara Hyatt Regency Lobby
VIRTUAL API World -- Expo Discovery Stage
VIRTUAL API World -- Main Stage
VIRTUAL API World -- OPEN Workshop Stage
VIRTUAL API World -- Workshop Stage A
VIRTUAL API World -- Workshop Stage B
VIRTUAL API World -- Workshop Stage C
VIRTUAL CloudX -- Expo Innovation Stage
VIRTUAL CloudX -- Main Stage
VIRTUAL CloudX -- Stage 1
VIRTUAL Dev Innovation Summit -- Main Stage
Virtual Expo Hall
  • 1. Badge Pick-up & Registration
  • 2. Experiences & Official Events
  • 3. Expo Hours
  • 4. Hackathon
  • 5. KEYNOTES & FEATURED
  • API World: API Innovation
  • API World: API Strategy
  • API World: Lifecycle
  • API World: Microservices World
  • CloudX: Cloud Architecture & Infrastructure
  • CloudX: Cloud-Native Development
  • CloudX: Cloud Strategy Conference
  • CloudX: DevOps Summit
  • Dev Innovation Summit
  • OPEN SESSIONS
  • Talk Type
  • OPEN Session
  • PRO Session
  • PRO Workshop
  • Track or Conference
  • AI & ML (CloudX)
  • API Case Studies & Success Stories (API World)
  • API Design / Architecture (API World)
  • API Leadership Summit (API World)
  • API Ops & Scalability & Usability (DX) & Testing (API World)
  • API Program Management (API World)
  • API Security / Compliance (API World)
  • API World
  • API World: API Innovation
  • API World: API Lifecycle
  • API World: API Strategy
  • API World: Microservices World
  • API-First Development (API World)
  • APIs (Dev Innovation)
  • Automated Testing & Monitoring & Reporting (CloudX)
  • CI/CD (CloudX)
  • CI/CD / Deployment (API World)
  • Cloud Development Technologies (CloudX)
  • Cloud Development Technologies (Dev Innovation)
  • Cloud Infrastructure (CloudX)
  • Cloud Innovation (AI & Edge & etc) (CloudX)
  • Cloud Security (CloudX)
  • Cloud Talent & Skills (CloudX)
  • CloudX
  • CloudX: Cloud Architecture & Infrastructure
  • CloudX: Cloud Strategy Conference
  • CloudX: Cloud-Native Development
  • CloudX: DevOps Summit
  • Containers & Kubernetes (CloudX)
  • Deployment Strategies (CloudX)
  • Dev Innovation (CloudX)
  • Dev Innovation Summit
  • Developer Tools (Dev Innovation)
  • DevSecOps (CloudX)
  • Digital Acceleration (CloudX)
  • Edge Computing (CloudX)
  • Emerging APIs: AI & IoT & Blockchain & Web3 & XR (API World)
  • Expo Challenge
  • Future of Cloud-Native Computing (CloudX)
  • Hybrid & Multi-Cloud (CloudX)
  • Hybrid APIs & Low Code APIs (API World)
  • Industries: Open Banking & Healthcare & Retail (API World)
  • Infrastructure-as-Code (CloudX)
  • Integration Management (API World)
  • Leadership Lounge
  • Microservices Design & Architecture (API World)
  • Microservices Design (CloudX)
  • Microservices Management (CloudX)
  • Observability (CloudX)
  • OPEN Session
  • Platform Engineering (API World)
  • Programming Languages (Dev Innovation)
  • Roundtables
  • Service Mesh & Containers & Kubernetes (API World)
  • Sponsor Spotlight
  • Virtual
  • In-Person/Virtual
  • In Person
  • Virtual
  • Virtual Exclusive