StackRox / Office Hours

Add meeting Rate page Subscribe

StackRox / Office Hours

These are all the meetings we have in "Office Hours" (part of the organization "StackRox"). Click into individual meeting pages to watch the recording and search or read the transcript.

19 Apr 2022

In episode 8, we will discuss the previous week's engineering meetings and how to navigate the StackRox project and walk through a basic Kubernetes deployment.

Join us live on the 19th at 1 pm Pacific and 4 pm eastern will all of your questions and feedback.
  • 2 participants
  • 47 minutes
stackrock
thanks
host
personally
onboarding
stackrocks
technical
stackrox
stack
currently
youtube image

15 Mar 2022

The StackRox team is excited to announce the future of the open source StackRox project. We will discuss all upcoming events and prepare the project for its forthcoming release.

Join us live on Tuesday, March 15th at 4 pm EST, 1 pm PST as the team discusses everything you need to know for the future release!
  • 3 participants
  • 48 minutes
stackrock
currently
deployments
github
updates
openshift
security
hi
linux
hat
youtube image

15 Feb 2022

Join Michael Foster and Christian Hernandez in a discussion around Argo CD, GitOps and integrating security into your development pipelines. They’ll be discussing Argo CD and how to use the application securely while maintaining the development speed that your team requires. As always, they’ll be taking questions live and doing a short demo!

Come with all of your GitOps and security questions. And we’ll see you live, on February 15th!
  • 2 participants
  • 1:01 hours
argo
personally
mike
hat
hire
talking
takes
server
exciting
thanks
youtube image

18 Jan 2022

No description provided.
  • 4 participants
  • 50 minutes
log
security
log4j
shell
kubernetes
firewalling
logged
stack
docker
deployments
youtube image

21 Oct 2021

Back by popular demand on Red Hat Live Streaming, Connor Gorman is joining to discuss the top security challenges facing Kubernetes today and how to address these challenges.

Join Connor Gorman and Michael Foster to answer your Kubernetes Security questions in our monthly StackRox Community Office Hours.
  • 2 participants
  • 56 minutes
kubernetes
security
servers
stackrock
ddos
firewalls
deployments
public
concerns
policies
youtube image

16 Sep 2021

An important step in securing Kubernetes is reducing the attack surface by enabling network policies. But it's easy to make mistakes in building those YAML files.

Join our Office Hours to get your K8s networking questions answered. We'll start with some simple practical steps to secure your Kubernetes first, and then take your live questions. Ask our subject matter experts about:
- Applying policies to isolate pods
- Best practices on ingress and egress policies
  • 2 participants
  • 1:05 hours
kubernetes
protocol
stackrock
tooling
network
policies
administrator
servers
introduction
deployments
youtube image

13 Sep 2021

Streaming live on openshift.tv: eBPF is the behind-the-scenes subsystem of the Linux kernel that enables new and simpler methods of profiling, networking, and security for Kubernetes without compromising speed and safety.

Join our monthly Office Hours to get your eBPF questions answered. We’ll start with an overview of the capabilities that eBPF provides.
  • 2 participants
  • 56 minutes
ebpf
deployments
kubernetes
ebps
eb
ebf
edpf
useful
networking
kernel
youtube image

16 Jul 2021

Learn the do’s and don’ts of implementing a successful Kubernetes security strategy from hands-on practitioner Connor Gorman, sr. principal software engineer at Red Hat (previously StackRox).

Get your Kubernetes Security 101 questions answered in our monthly StackRox Community Office Hours and check out stackrox.io
  • 2 participants
  • 41 minutes
stackrock
host
conor
redhat
anybody
chat
today
twitch
docker
chris
youtube image

22 Jun 2021

Red Hat OpenShift uses a declarative model for configuring workloads and comes with specific controllers to ensure the observed state adheres to the desired workload configurations.

Securely configuring workloads is one of the key elements of protecting containerized applications in OpenShift. Customers can leverage built-in controls in the OpenShift platform to provide developers and security teams with security guardrails. When there is a configuration drift, these controls can be used to ensure prompt remediation.

Learn how to go beyond image scanning and extend security to the deploy phase of OpenShift applications where workloads are configured. We will show you how to:

- use access and authorization controls to protect your OpenShift clusters from unauthorized access
- reduce your attack surface and mitigate lateral movement by implementing workload isolation using network policies
- embed configuration checks into the build pipeline to shift security left
take advantage of Kubernetes-native controls for better policy enforcement

Join us to see a demo of how to leverage the built-in OpenShift capabilities and Red Hat Advanced Cluster Security for Kubernetes to build and deploy a more secure application.
  • 2 participants
  • 38 minutes
security
kubernetes
cicd
conversations
openshift
hackers
configuration
host
stackrocks
troubleshooting
youtube image

3 Jun 2021

Red Hat OpenShift Pipelines is a cloud-native CI/CD solution that uses Tekton building blocks to automate deployments. Tekton introduces a number of standard Custom Resource Definitions (CRDs) for defining CI/CD pipelines that are portable across Kubernetes distributions.

Watch our office hours to learn about how to embed and automate security into Red Hat OpenShift Pipelines. We will show you:
- Common security checks that you should include in your container images and deployment configurations
- Step-by-step instructions on how to automate the security checks
- How to enable developers to fix security issues in builds and deployments earlier

Get your DevSecOps questions answered and start embedding must-have security checks into OpenShift Pipelines for a more resilient application.
  • 2 participants
  • 48 minutes
security
openshift
troubleshooting
automation
deployments
stackrock
concerns
introduction
servers
policies
youtube image

30 Apr 2021

One of the most significant announcements at KubeCon North America was the Certified Kubernetes Security Specialist (CKS) program. The online, proctored, performance-based exam will test on a range of Kubernetes security topics.

In this Office Hours, we will discuss the exam concepts with John Forman, who helped develop the exam with CNCF. We’ll cover the following, in addition to some tips:

- How to get started
- Structure of the exam
- Important topics to focus on
  • 2 participants
  • 1:01 hours
kubernetes
monitored
conversations
docker
client
webinar
accenture
hi
administrator
proponent
youtube image

30 Apr 2021

As organizations embrace Kubernetes to manage their containerized workloads and accelerate towards microservices architectures, security needs to shift left and be embedded into the software supply chain. In a DevOps-led world, security must adapt to developer workflows by embedding guardrails and automated checks for developers to build and deploy secure applications.

Join this webinar to learn why Kubernetes security starts with securing the CI/CD pipeline, including the build processes, image registries, and Kubernetes deployments.

Attendees will learn how to:

- Detect and mitigate vulnerabilities in the build phase, registries, and at runtime
- Build (or choose pre-built) base images that adhere to security best practices
- Leverage Kubernetes-native security policies integrated with DevOps tooling to automatically validate deployments
  • 2 participants
  • 59 minutes
kubernetes
webinars
security
stackrock
cicd
startups
host
session
moderating
emails
youtube image

30 Apr 2021

Join our Office Hours to get your K8s base images questions answered. In this workshop, we will discuss the security-relevant attributes of your base images and show you the steps you must take to understand and minimize your security risk.
  • 2 participants
  • 50 minutes
docker
webinar
background
hosts
andy
dockercon
images
kubernetes
presenting
basing
youtube image

30 Apr 2021

Join our Office Hours to get your questions answered on mitigating K8s attacks.

During Office Hours, our Co-founder and Chief Strategy Officer, Wei Lien Dang, and our Director of Solutions Engineering, Chris Porter, will cover:

- key tactics and techniques you can expect attackers will use on Kubernetes clusters
- the range of Kubernetes-specific and cloud-specific controls to apply
- a prioritized list of mitigation steps you should apply to give you the broadest protection
  • 2 participants
  • 58 minutes
webinars
kubernetes
hours
hosted
session
mitigating
workflow
policies
docker
startups
youtube image

29 Apr 2021

StackRox recently announced its first open-source tool, KubeLinter. KubeLinter is a static analysis tool that identifies misconfigurations in Helm charts or YAML files. With 19 standard built-in checks and the opportunity to configure your own, KubeLinter provides flexibility, repeatability, and portability to your security checks and pipelines.

In this Office Hours, we will discuss with co-developers Viswajith Venugopal and Koki Yoshida about 

- KubeLinter
- The Open-source community
- Their developer journey
  • 3 participants
  • 53 minutes
cubelinter
workflows
newbie
maintainers
chat
kubernetes
qblinter
codementor
cokie
spearheaded
youtube image

29 Apr 2021

The typical on-prem approach to security has evolved. The cloud has introduced several different layers of managed services that make navigating the security aspects challenging. Multi and hybrid-cloud workloads and the various tool selection options only add to the challenges. 

Workload security starts at the design phase with many considerations involved, and there will key security touchpoints throughout the journey. We want to help you navigate the workload security challenges ahead.

In this session, we will discuss:

- The typical infrastructure layers
- How cloud workloads have changed the security process
- How you can identify where you fit in the ecosystem
  • 2 participants
  • 53 minutes
kubernetes
webinar
steve
stackrock
hi
security
conversations
workflows
cloud
session
youtube image

28 Apr 2021

eBPF is the behind-the-scenes subsystem of the Linux kernel that enables new and simpler methods of profiling, networking, and security for Kubernetes without compromising speed and safety.

Join our Office Hours to get your eBPF questions answered. We'll start with an overview of the capabilities that eBPF provides.

Our experts talk about:

- How eBPF programs are written
- The benefits of eBPF based cloud-native tools
- How to debug performance issues using eBPF tracing
  • 2 participants
  • 58 minutes
ebpf
workflow
hosting
helpers
session
stackrock
webinar
enterprise
console
hey
youtube image

20 Jul 2020

Learn the do’s and don’ts of implementing a successful Kubernetes security strategy from hands-on practitioner Connor Gorman, principal engineer at StackRox. Listen to our first-ever virtual Office Hours to to hear the questions answered on the security challenges you must address and the best practices to follow. Questions answered were on how to:

- Shift security left by embedding security into the software supply chain
- Harden your Kubernetes infrastructure by enforcing configuration and compliance best practices
- Protect workloads running in production environments from external threats
- Ensure that security poses minimal operational risk
  • 3 participants
  • 50 minutes
kubernetes
security
hosting
firewalling
coop
policies
devops
concerns
privileges
maintaining
youtube image