KubeCon & CloudNativeCon 2020 – Takeaways

The Seiso team recently had the pleasure of virtually attending the 2020 iteration of KubeCon and CloudNativeCon. Even with the new virtual format, there were many great sessions that covered interesting new topics, tools, and practices for Kubernetes and other projects in the cloud native ecosystem.

Among those, we noted a handful of tools and themes that stood out to our team from an adoption and security perspective.

If you’d like to check out any of the talks, most are now available to watch freely on YouTube here.

Open Policy Agent

Open Policy Agent is a policy engine that is quickly becoming an integral part of the Kubernetes security ecosystem and standardization.

Key takeaways:

We think it’s likely Open Policy Agent will become the de-facto way to write Kubernetes security controls given the number companies that already seem to be adopting it with interesting use cases.

Runtime Container Security

One of our favorite projects at Seiso is Falco, an incubating CNCF project for providing runtime container security through monitoring of policies and automated responses.

Key takeaways:

We see Falco continuing to gain traction as a top contender for runtime monitoring and automated response of Kubernetes clusters.

Cloud Native Monitoring and Dependency Mapping

We noticed a couple projects pushing new advances in cloud native security monitoring and dependency mapping.

Key takeaways:

Container Image Scanning

Just as we recommend dynamic and static scanning of software, we’re excited to see solutions for security testing container images becoming more prevalent.

Key takeaways:

Subscribe to our Newsletter