►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
So
it
actually
looks
like
well.
First
of
all,
welcome
to
our
container
security
group
meeting
looks
like
the
first
item
here
highlight
accomplishment.
There's
no
name
by
that
tiago.
Do
you
or
wayne
want
to
take
that.
B
So
we
we've
started
doing
this
as
as
we
we
stole
the
idea
from
the
cq
group,
and
we
think
it's
great
to
celebrate
the
things
that
we
accomplished
since
the
past
week.
We
don't
go
into
detail,
but
the
list
is
there
for,
for
whoever
wants
to
go
into
detail.
I
think
lindsey
put
it
there,
but
that's
the
general
idea
we'll
do
that
every
week,
so
I
don't
know
who
put
it
there
if
it
was
lindsay
or
you
wayne,
but
thank
you.
Here's
lindsey.
Okay,
thank
you
lindsay.
A
Sure
I
won't
read
everything
I
wrote:
there's
not
a
lot
that
impacts
defend
overall,
there's,
definitely
a
shift
away
from
features.
I
think
the
product
organization
as
a
whole
has
been
very
feature
focused
and
not
so
much
usability
focused,
so
there's
a
shift
away
from
features
and
over
to
usability.
A
C
Sorry,
I
just
had
to
had
a
had
to
mention
it.
Sorry,
thanks.
A
Yeah
I
mean
I
don't
know
that
this
impacts
our
prioritization
a
ton.
You
know
things
like
falco,
sidekick
and
active
response
options,
we're
likely
to
push
that
out
even
further
than
we've
already
pushed
it
out
just
to
avoid
piling
on
new
features
and
keep
improving
the
usability
of
things
we
have.
A
A
Right,
so
you
know
adding
the
policy.
Ui
is
a
great
example
right,
where
just
the
other
day,
you
know
tiago.
Even
you
ran
into
that
hiccup
over
adding
a
policy
like
having
that
policy,
ui
would
have
helped
improve
usability,
so,
starting
with
that,
adding
in
alert
management
and
improving
the
installation
experience.
All
of
that
is
on
our
radar.
I
think
that
already
aligns
pretty
well
with
with
where
the
company's
headed
general
takeaways.
I
got
a
lot
out
of
it.
A
B
Awesome
thanks
for
sharing
I'll,
I
happy
to
hear
about
the
the
the
shift
to
usability.
A
B
Yeah,
I
didn't
ask
the
team-
I
don't
know
if
you
too,
arthur
and
and
to
me,
if
you
have
any
anything
to
demo
but
in
terms
of
progress
on
the
epic
out
of
the
seven
issues.
Three
I
believe
are
in
review.
B
B
B
D
Is
already
on
in
production,
but
it's
behind.
E
Already
for
me,
I
have
some
stuff
on
that
end,
but
it's
not
linked
to
the
ui.
Yet.
B
Do
you
think
at
some
point
during
the
iteration
we
can
record
a
demo
or
would
that
would
that
jeopardize
and
distract
us
from
from
actually
finishing
it.
D
I
would
say
this:
you
need
to
get
stuff
in
production
to
even
record
them,
and
it's
still
going
to
take
some
time.
I'd
like
to.
C
D
That
there
are
a
couple
comments
from
me
and
zamir
that
it's
mostly
done
but
yay.
We
had
a
few
comments
around
this
topic,
so
yeah
reviews
are
happening,
but
it
takes
time
and
until
it's
merged
it's
really
hard
to
damn
anything
really.
D
B
D
I
guess,
since
it's
my
items,
items
next
yeah.
I
already
mentioned
that
in
mars,
I'm
mostly
already
just
waiting
for
views
and
yeah.
I
don't
think
we're
gonna
make
cross-environment
policies
in
the
release,
because
partially
I
think
we
might
want
to
consider
changing
plan
a
bit
the
more
I
was
thinking
about
it.
I
realized
that
maybe
question
write
policies.
D
It's
a
better
solution
than
what
we
originally
planned
to
do
like
the
original
plan
was
to
essentially
go
and
make
and
produce
a
call
that
will
install
policies
in
all
environments,
but
I
think
it's
quite
inefficient
and
doesn't
fit
well
into
some
of
the
stuff
that
we
did.
So
what
I
was
thinking
is
that
then
you
can
do
another
type
of
policy
which
is
cluster-wide
syrian
policy.
It's
the
same
like
it
fits
really
well
it
in
what
he's
doing
already.
B
D
We
have
only
two
options:
right
now:
install
policy
into
specific
environment
or
across
all
environments,
so
in
first
case
you're
going
to
use
a
cilium
policy
like
just
regular
cilium
policy
and
second
case.
You
can
use
cluster-wide
ceiling
policy
and
it
just
does
exactly
what
we
meant
to
do
in
both
cases.
As
far
as
I
understand,
maybe
I'm
wrong,
but
yeah.
A
E
D
D
Yeah
maybe
has
thoughts
about
it,
but
if
you
need
a
selection
for
multiple
environments
yeah
in
this
case,
we
would
need
some
code
that
will
duplicate
policy
in
each
environment
right
and
cluster
white
ceiling
policy
is
not
going
to
work.
In
this
case
I
think,
but
I
need
to
read
the
docs
yeah.
It's
a
good
question.
I
will
try
to
find
an
answer
for
that,
so
you're
suggesting.
D
Down
selection,
no!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
No!
All
right!
What
we
have
right
now
is
just
a
drop
down,
and
I
think
that's
what
we
do
on
the
back
end
too:
we
just
expect
a
single
environment,
all
the
time
to
be
supplied
with
our
api
calls,
because
that's
how
our
current
policy
ui
and
calls
work,
but
yeah,
it's
not
hard
to
work,
to
support.
D
In
I'm
not
sure,
what's
here
the
one
that
sam
just.
B
We
can
take
this
asynchronously.
What
how
do
you
feel
it's
best?
We
we
we
discuss
and
communicate
this
on
on
the
epic
issue
itself
on
the
implementation
issue
or
open
a
new
issue
for
it.
How
do
we
wanna.
D
D
Not
really
again
there,
it's
not
about
just
an
idea,
it's
just
the
fact
that
we
most
likely
won't
make
if
I'm
correct,
but
it's
mostly
because
I
may
decide
to
finish
back
in
support
for
multiple
environments,
and
I
think
it
will
be
tricky
to
squeeze
in
it
in
this
cycle.
So
that's
why
partially
I
mentioned
that
it
might
be
worse,
investigating
other
ideas
as
a
part
of
this
potential
delay,
but
it's
better
for
zamir
to
ask
it.
B
A
A
D
B
A
Just
fine,
we
can
add
support
for
multiple
environments
later
like
we
want
to
adhere
to
our
iteration
value.
So
you
know,
let's
get
you
know,
keep
going
with
just
one
environment
get
that
done
and
if
it
misses
the
release,
we
can
always
create
a
follow-up
issue
and
prioritize
that
accordingly,
so
I
I
think,
that's
just
fine
to
start
with
just
one
environment,
I
don't
have
any
problems
with.
A
E
I
don't
think
so.
I
think
that
the
mrs
are
a
little
bit
slower
through
this
time,
especially
for
the
backhands,
looks
like
the
relationship
between
the
environments
and
the
deployment
and
space
and
the
the
tables
are
not
like
optimized
to
have
a
good
query.
So
then
we're
going
to
have
to
work
a
little
bit
on
that
and
yeah,
and
that's
basically
what
adding
to
the
what
others
said
already.
B
E
We
can
help,
I
think,
it's
just
how
how
things
play
together
like
the
matching
that
they
have
the
person,
then
the
person
takes
a
little
bit
longer
and
they
ask
a
couple
of
other
things.
It's
just
some
people
review
quicker
than
others.
Just
we
never
know.
What's
going
to
happen,
that's.
B
B
B
A
All
right
so
then
I
guess
my
next
question:
do
we
know
how
much
of
the
monitor
team's
back
end?
We
can
reuse
for
alerts.
Are
there
any
updates
there?
I
was
originally
hoping
hoping
that
we
could
use
almost
everything
they
had
and
just
make
some
small
changes
to
add
support
for
security
alerts,
but
anyway,
I'm
wondering
where
we're
at
on
that.
D
Yeah,
I
did
not
spend
too
much
time,
but
I
have
give.
I
was
given
some
links
that
I
checked
there
is
some
possibility
of
reusing,
but
I'm
not
sure
about
front-end,
specifically
because
we're
kind
of
thinking
about
going
with
bots
right
now
right
in
this
case
not
much.
D
D
Work
on
cross-group
pieces
of
code
and
then
it's
still
unclear
who
who
will
be
responsible
for
what
and
not
breaking
each
other
things
and
so
stuff
like
that
is
definitely
a
concern
for
me.
Personally,
I
don't
know
if,
if
it's
concerned
for
them,
what
I
propose
is
just
try
not
to
focus
on
this
yet
maybe
like.
We
still
need
to
do
a
hubble,
related
investigation
and
then
see
what
we
can
use
from
the
back
end,
but
kind
of
not
try
to
force
it.
D
Yet
we
can
always
come
back
and
restructure
to
use
more
of
the
patterns
and
models
and
stuff
that
is
monitor.
House
is
using
but
yeah
right
right
now.
It's
kind
of
undecided.
B
Yeah
now,
the
summer,
that
that's
that's
the
summary
we
we
haven't
refined
the
issues
yet,
and
we
decided
that
there's
a
spike
that
we
want
to
do
on
hubble.
Once
we
have
that
spike
and
as
far
as
refinement
we'll
be
able
to
see,
if
there's
anything
to
use
but
yeah,
we
don't
know
about
trying
up
code
and
actually
using
or
just
taking
inspiration.
A
Yeah,
it
would
be
great
if
we
can
at
least
reuse
like
some
of
their
database
components
and
just
put
in
a
flag
there
between
the
two.
I
mean,
there's
a
lot,
that's
the
same.
You
know
they
already.
Are
you
know
roughly
a
year
or
so
ahead
of
us
they've
got
incidents
the
ability
to
take
alerts
and
turn
them
into
incidents
you
can
assign
them
to
people.
A
You
can
create
issues,
they've
already
done
a
lot
of
what
we
want
to
do
and
I'm
hoping
if
we
can
take
the
data
from
hubble
and
have
something
in
between
where
it
converts
it
into
the
alert
format
that
we
can
just
get
most
of
what
they
have
working
already.
Without
I
mean
we're
going
to
have
to
do
some
work
to
customize
it
for
ourselves,
but
the
more
we
can
reuse
the
butter,
also
the
first
mvc.
A
So
I
know
we
are
planning
to
do
like
a
board
layout,
but
the
first
mvc
we
can
just
stick
with
the
same
kind
of
layout
that
they
have
today.
If
it
helps
on
the
front
end,
if
not,
we
can
just
go
straight
to
the
to
more
of
the
board
layout.
But
let's
see
if
I
can
come
back
here,
so
this
was
more
in
the
future.
A
You
know
this
was
the
mvc
is
just
kind
of
matching
what
they
had
today
in
an
alert
again
just
to
try
to
make
it
as
small
and
as
little
as
possible
to
match.
You
know:
what's
the
smallest
amount
that
we
can
get
out
the
door
without
doing
something
too
big.
B
Yeah,
we're
definitely
not
looking
to
reinvent
the
the
wheels
time
if,
if
there's,
if
there's
room
for
use,
we
will
do
that,
but
especially
with
the
front
end,
where
things
will
change,
it
doesn't
make
sense
to
invest
in
reusing
the
same
one.
Looking
that
we're
gonna
then
pull
out
and
go
in
a
completely
different
direction.
We,
it
might
just
be
a
copy
and
paste
right.
We
use
this
as
a
template
and
just
modify
what
we
need.
So
we'll
definitely
get
some
efficiency
from
that.
It's
not
100
clear.
A
Well
thanks:
I
was
just
wondering
there
all
right
so
and
it
looks
like
we
probably
will
have
time
just
an
update
on
usability
testing,
so
kyle
is
kicking
off
both
of
those
solution
validations
this
week,
one
solution,
validation
for
the
alert
management
and
one
for
policy
management.
So
far
we
had
one
meeting.
It
was
with
somebody
internal
to
get
lab
on
the
gitlab
security
team
feedback
was
great,
very
supportive.
A
Most
of
it
confirmed
what
we
have
already.
We
got
a
lot
of
good
feature
requests
for
things
in
the
future
that
are
outside
of
the
scope
of
the
mvc,
for
example.
Just
to
give
you
one
here
as
an
example
was
to
add,
like
an
alert
notification
item
up
at
the
top
right
corner,
so
that
they
can
keep
track
of
everything.
A
You
know
you're
not
sharing
up
here.
You've
got
your
to-do's,
you
know,
but
to
add
a
new
like
alert
notification
up
there.
Obviously,
that's
outside
of
the
scope
of
the
mvc,
but
I
just
wanted
to
share
some
of
that
early
feedback
and
then
my
last
note
there
is
I've,
been
updating
both
kyle
and
I
have
been
updating
the
prototype
out
here.
So
you
know,
if
you
have
time,
feel
free
to
take
a
look
at
it.
This
is
what
we're
using
to
test
to
walk
our
users
through
when
we're
doing
the
testing.
A
So
some
things
work
some
things,
don't
some
of
this
kyle
built
some
of
it
I
built,
but
you
know
there's
actually
like
am
I
working,
which
is
kind
of
cool.
I
think
only
one
of
these
is
one
you
can
click.
We
still
need
to
finish
out
this
details
pane.
A
I
have
some
initial
work
done
for
pod
security
policies,
so
here
you
can
pick
either
runtime
container
policy
or
runtime
cluster
policy
and
cluster
applies
cluster
wide.
So
that's
really
where
the
pod
security
policies
get
applied,
and
you
know
again
roughly
fleshing
out
what
this
might
look
like,
how
it
generates
the
ammo.
A
A
A
It
looks
like
that
one's
not
generating.
Let
me
see
if
this
one
works
here.
We
go,
you
know,
let's
see,
hosts.
A
For
example,
anyway,
I'm
still
working
on
it-
this
syntax
very
well
might
be
not
accurate,
but.
A
And
again,
it
kind
of
shows
the
idea
that
both
of
these
can
potentially
live
together.
It
looks
like
I
have
a
couple
bugs
in
the
script
right
now,
but
where
you'll
be
able
to
add
both
file
and
network
policies,
it'll
generate
your
app
armor
and
your
filling
on
yaml,
and
you
can
pick
what
you
want
to
do
with
the
file
activity
and
what
you
want
to
do
with
the
network
traffic.
So
I
know
with
all
of
this
we're
getting
like
way
out
far
ahead
of
development
in
all
of
this.
A
So
I
do
not,
please
do
not
feel
overwhelmed.
I
I
know
that
you
know.
We've
only
got
two
developers
and
we've
got
a
long
way
to
go,
but
the
goal
of
this
is
just
to
flesh
out
a
little
bit
more
so
that
we
can
get
some
good
user
testing
on
it,
get
some
feedback
and
make
sure
that
when
we
do
come
back
to
adding
in
like
app
armor-
and
you
know,
falco
and
and
pod
security
policy
rules
into
here-
that
we
have
a
direction
on
how
that
might
work.
B
So,
sam,
while
you
were
away
arthur,
was
doing
some
work
on
his
home
lab
and
he
he
posted
a
good
summary
of
what
he's
he
learned
when
he
was.
I
don't
know
if
you
want
to
verbalize
the
main
points
arthur
that
that
would
impact
what
sam
was
describing
just
now.
D
Yeah,
the
main
point
is
psps
are
better
and
they
there
are
no
plans
to
move
this
piece
of
work
and
keeping
it
stable,
and
there
are
actually
mentions
that
psps
actually
will
be
deprecated
completely
and
alternative
suggestion
for
psps
is
a
separate
product
and
not
product
and
piece
of
software.
D
That's
called
open
policy
agent
and
yes,
so
there
is
a
chance
that
in
a
couple
of
versions,
which
is
probably
a
year
or
two
down
the
road,
this
piece
will
be
gone
and
there
will
be
no
substitutional
than
an
external
plug-in
like
an
open
policy
agent,
and
on
top
of
that
I
had
a
really
rough
time
with
space
face
because
we're
kind
of
providing-
and
it's
a
given
at
this
issue-
obviously
not
on
us.
We
are
providing
a
way
to
install
policies
in
the
world.
D
D
It's
a
hard
task.
I
would
stop
this
ahead,
it's
possible
to
do,
but
it's
not
something
that
we
will
be
able
to
like,
let's
say,
create
a
script
for
users
would
be
doing
that
manually
and
we
can't
really
assist
with
that
and
I'm
not
even
sure
how
to
do
and
like,
let's
say
on
in
management,
environment
environments
like
gk
and
aks,
where
masternode
is
completely
out
of
your
control,
so
yeah
there
are
definitely
a
room
for
improvement
up
there.
A
Yeah,
that's
a
great
heads
up.
Thank
you
for
that.
I
I
saw
that
while
I
was
on
my
ceo
shadow
and
I
did
not
read
it
all
the
way
I
kind
of
put
it
on
the
list
of
things
to
go
back
and
read
afterwards,
so
we
do
have
an
issue
about
integrating
with
opa
it's
not
planned
anytime
soon,
but
yeah.
Thanks
for
that
heads
up,
I
think
you
know
we'll
probably
start
with
the
oh.
E
No
just
for
just
for
default
policy
and
for
allowed
policies,
if
you
just
wanna,
link
it
up
with
the
polled
and
serves
that
you
can
still
do
that.
D
D
The
the
psp
was
supposed
to
be
a
global
settings
like
you
set
it
once,
and
it's
enforced
across
your
cluster
and
and
you
don't
have
to
put
the
same
annotation
over
and
over
again
into
your
yaml
files,
but
there
is
also
a
security
context
on
the
pod
itself.
That
does
the
same
thing
as
a
psp,
but
it
only
applies
to
a
single
deployment
or
similar
resources.
D
So
I
think
it's
much
easier
to
use
security
contacts
right
now,
because
you
don't
have
to
pre-configure
anything,
and
essentially
you
have
the
same
tools.
The
downside
is,
you
have
to
apply
to
every
unit
of
work
you
have
in
kubernetes,
but
since
we're
kind
in
control
of
those
units
of
works
through
the
environments,
it's
a
good.
It's.
This
introduction.
D
Yeah,
in
my
experience
it's
just
enabling
psps
it's
it's
too
much
for
us
to
ask
right
now.
That's
the
biggest
issue
for
me.
If
they're
having
so
many
issues
with
quest
integrations
asking
to
reconfigure
masternode
in
givenettas,
it
will
be
an
interesting
suggestion.
So
yeah,
I
definitely
think
like
maybe
shifting
to
both
security
contacts
based
integration
is
a
bit
better
right
now
pass
for
us.
B
So
something
something
to
keep
in
mind
sam.
We
obviously
plenty
busy
with
other
stuff
to
offer
to
do
a
proof
of
concept
or
anything
like
that.
But
it
was
helpful
that
arthur
had
a
chance
to
play
in
his
own
time.
A
Yeah
thank
you
for
that.
I
think
it's
likely
that
when
we
do
come
back
around
we'll
start
with
apple
armor
anyway,
so
it'll
be
a
while
before
we
do
more
with
pod
security
policies.
So
at
that
point,
we'll
just
need
to
remember
to
revisit
that
question
of.
Do
we
want
to
keep
pub
security
policies
or
use
pod
security
contacts
or
opa
or
something
else.
So
thank
you
for
that
arthur
appreciate
it
all
right.