19 Apr 2022
In episode 8, we will discuss the previous week's engineering meetings and how to navigate the StackRox project and walk through a basic Kubernetes deployment.
Join us live on the 19th at 1 pm Pacific and 4 pm eastern will all of your questions and feedback.
Join us live on the 19th at 1 pm Pacific and 4 pm eastern will all of your questions and feedback.
- 2 participants
- 47 minutes
15 Mar 2022
The StackRox team is excited to announce the future of the open source StackRox project. We will discuss all upcoming events and prepare the project for its forthcoming release.
Join us live on Tuesday, March 15th at 4 pm EST, 1 pm PST as the team discusses everything you need to know for the future release!
Join us live on Tuesday, March 15th at 4 pm EST, 1 pm PST as the team discusses everything you need to know for the future release!
- 3 participants
- 48 minutes
15 Feb 2022
Join Michael Foster and Christian Hernandez in a discussion around Argo CD, GitOps and integrating security into your development pipelines. They’ll be discussing Argo CD and how to use the application securely while maintaining the development speed that your team requires. As always, they’ll be taking questions live and doing a short demo!
Come with all of your GitOps and security questions. And we’ll see you live, on February 15th!
Come with all of your GitOps and security questions. And we’ll see you live, on February 15th!
- 2 participants
- 1:01 hours
21 Oct 2021
Back by popular demand on Red Hat Live Streaming, Connor Gorman is joining to discuss the top security challenges facing Kubernetes today and how to address these challenges.
Join Connor Gorman and Michael Foster to answer your Kubernetes Security questions in our monthly StackRox Community Office Hours.
Join Connor Gorman and Michael Foster to answer your Kubernetes Security questions in our monthly StackRox Community Office Hours.
- 2 participants
- 56 minutes
16 Sep 2021
An important step in securing Kubernetes is reducing the attack surface by enabling network policies. But it's easy to make mistakes in building those YAML files.
Join our Office Hours to get your K8s networking questions answered. We'll start with some simple practical steps to secure your Kubernetes first, and then take your live questions. Ask our subject matter experts about:
- Applying policies to isolate pods
- Best practices on ingress and egress policies
Join our Office Hours to get your K8s networking questions answered. We'll start with some simple practical steps to secure your Kubernetes first, and then take your live questions. Ask our subject matter experts about:
- Applying policies to isolate pods
- Best practices on ingress and egress policies
- 2 participants
- 1:05 hours
13 Sep 2021
Streaming live on openshift.tv: eBPF is the behind-the-scenes subsystem of the Linux kernel that enables new and simpler methods of profiling, networking, and security for Kubernetes without compromising speed and safety.
Join our monthly Office Hours to get your eBPF questions answered. We’ll start with an overview of the capabilities that eBPF provides.
Join our monthly Office Hours to get your eBPF questions answered. We’ll start with an overview of the capabilities that eBPF provides.
- 2 participants
- 56 minutes
16 Jul 2021
Learn the do’s and don’ts of implementing a successful Kubernetes security strategy from hands-on practitioner Connor Gorman, sr. principal software engineer at Red Hat (previously StackRox).
Get your Kubernetes Security 101 questions answered in our monthly StackRox Community Office Hours and check out stackrox.io
Get your Kubernetes Security 101 questions answered in our monthly StackRox Community Office Hours and check out stackrox.io
- 2 participants
- 41 minutes
22 Jun 2021
Red Hat OpenShift uses a declarative model for configuring workloads and comes with specific controllers to ensure the observed state adheres to the desired workload configurations.
Securely configuring workloads is one of the key elements of protecting containerized applications in OpenShift. Customers can leverage built-in controls in the OpenShift platform to provide developers and security teams with security guardrails. When there is a configuration drift, these controls can be used to ensure prompt remediation.
Learn how to go beyond image scanning and extend security to the deploy phase of OpenShift applications where workloads are configured. We will show you how to:
- use access and authorization controls to protect your OpenShift clusters from unauthorized access
- reduce your attack surface and mitigate lateral movement by implementing workload isolation using network policies
- embed configuration checks into the build pipeline to shift security left
take advantage of Kubernetes-native controls for better policy enforcement
Join us to see a demo of how to leverage the built-in OpenShift capabilities and Red Hat Advanced Cluster Security for Kubernetes to build and deploy a more secure application.
Securely configuring workloads is one of the key elements of protecting containerized applications in OpenShift. Customers can leverage built-in controls in the OpenShift platform to provide developers and security teams with security guardrails. When there is a configuration drift, these controls can be used to ensure prompt remediation.
Learn how to go beyond image scanning and extend security to the deploy phase of OpenShift applications where workloads are configured. We will show you how to:
- use access and authorization controls to protect your OpenShift clusters from unauthorized access
- reduce your attack surface and mitigate lateral movement by implementing workload isolation using network policies
- embed configuration checks into the build pipeline to shift security left
take advantage of Kubernetes-native controls for better policy enforcement
Join us to see a demo of how to leverage the built-in OpenShift capabilities and Red Hat Advanced Cluster Security for Kubernetes to build and deploy a more secure application.
- 2 participants
- 38 minutes
3 Jun 2021
Red Hat OpenShift Pipelines is a cloud-native CI/CD solution that uses Tekton building blocks to automate deployments. Tekton introduces a number of standard Custom Resource Definitions (CRDs) for defining CI/CD pipelines that are portable across Kubernetes distributions.
Watch our office hours to learn about how to embed and automate security into Red Hat OpenShift Pipelines. We will show you:
- Common security checks that you should include in your container images and deployment configurations
- Step-by-step instructions on how to automate the security checks
- How to enable developers to fix security issues in builds and deployments earlier
Get your DevSecOps questions answered and start embedding must-have security checks into OpenShift Pipelines for a more resilient application.
Watch our office hours to learn about how to embed and automate security into Red Hat OpenShift Pipelines. We will show you:
- Common security checks that you should include in your container images and deployment configurations
- Step-by-step instructions on how to automate the security checks
- How to enable developers to fix security issues in builds and deployments earlier
Get your DevSecOps questions answered and start embedding must-have security checks into OpenShift Pipelines for a more resilient application.
- 2 participants
- 48 minutes
30 Apr 2021
One of the most significant announcements at KubeCon North America was the Certified Kubernetes Security Specialist (CKS) program. The online, proctored, performance-based exam will test on a range of Kubernetes security topics.
In this Office Hours, we will discuss the exam concepts with John Forman, who helped develop the exam with CNCF. We’ll cover the following, in addition to some tips:
- How to get started
- Structure of the exam
- Important topics to focus on
In this Office Hours, we will discuss the exam concepts with John Forman, who helped develop the exam with CNCF. We’ll cover the following, in addition to some tips:
- How to get started
- Structure of the exam
- Important topics to focus on
- 2 participants
- 1:01 hours
30 Apr 2021
As organizations embrace Kubernetes to manage their containerized workloads and accelerate towards microservices architectures, security needs to shift left and be embedded into the software supply chain. In a DevOps-led world, security must adapt to developer workflows by embedding guardrails and automated checks for developers to build and deploy secure applications.
Join this webinar to learn why Kubernetes security starts with securing the CI/CD pipeline, including the build processes, image registries, and Kubernetes deployments.
Attendees will learn how to:
- Detect and mitigate vulnerabilities in the build phase, registries, and at runtime
- Build (or choose pre-built) base images that adhere to security best practices
- Leverage Kubernetes-native security policies integrated with DevOps tooling to automatically validate deployments
Join this webinar to learn why Kubernetes security starts with securing the CI/CD pipeline, including the build processes, image registries, and Kubernetes deployments.
Attendees will learn how to:
- Detect and mitigate vulnerabilities in the build phase, registries, and at runtime
- Build (or choose pre-built) base images that adhere to security best practices
- Leverage Kubernetes-native security policies integrated with DevOps tooling to automatically validate deployments
- 2 participants
- 59 minutes
30 Apr 2021
Join our Office Hours to get your K8s base images questions answered. In this workshop, we will discuss the security-relevant attributes of your base images and show you the steps you must take to understand and minimize your security risk.
- 2 participants
- 50 minutes
30 Apr 2021
Join our Office Hours to get your questions answered on mitigating K8s attacks.
During Office Hours, our Co-founder and Chief Strategy Officer, Wei Lien Dang, and our Director of Solutions Engineering, Chris Porter, will cover:
- key tactics and techniques you can expect attackers will use on Kubernetes clusters
- the range of Kubernetes-specific and cloud-specific controls to apply
- a prioritized list of mitigation steps you should apply to give you the broadest protection
During Office Hours, our Co-founder and Chief Strategy Officer, Wei Lien Dang, and our Director of Solutions Engineering, Chris Porter, will cover:
- key tactics and techniques you can expect attackers will use on Kubernetes clusters
- the range of Kubernetes-specific and cloud-specific controls to apply
- a prioritized list of mitigation steps you should apply to give you the broadest protection
- 2 participants
- 58 minutes
29 Apr 2021
StackRox recently announced its first open-source tool, KubeLinter. KubeLinter is a static analysis tool that identifies misconfigurations in Helm charts or YAML files. With 19 standard built-in checks and the opportunity to configure your own, KubeLinter provides flexibility, repeatability, and portability to your security checks and pipelines.
In this Office Hours, we will discuss with co-developers Viswajith Venugopal and Koki Yoshida about
- KubeLinter
- The Open-source community
- Their developer journey
In this Office Hours, we will discuss with co-developers Viswajith Venugopal and Koki Yoshida about
- KubeLinter
- The Open-source community
- Their developer journey
- 3 participants
- 53 minutes
29 Apr 2021
The typical on-prem approach to security has evolved. The cloud has introduced several different layers of managed services that make navigating the security aspects challenging. Multi and hybrid-cloud workloads and the various tool selection options only add to the challenges.
Workload security starts at the design phase with many considerations involved, and there will key security touchpoints throughout the journey. We want to help you navigate the workload security challenges ahead.
In this session, we will discuss:
- The typical infrastructure layers
- How cloud workloads have changed the security process
- How you can identify where you fit in the ecosystem
Workload security starts at the design phase with many considerations involved, and there will key security touchpoints throughout the journey. We want to help you navigate the workload security challenges ahead.
In this session, we will discuss:
- The typical infrastructure layers
- How cloud workloads have changed the security process
- How you can identify where you fit in the ecosystem
- 2 participants
- 53 minutes
28 Apr 2021
eBPF is the behind-the-scenes subsystem of the Linux kernel that enables new and simpler methods of profiling, networking, and security for Kubernetes without compromising speed and safety.
Join our Office Hours to get your eBPF questions answered. We'll start with an overview of the capabilities that eBPF provides.
Our experts talk about:
- How eBPF programs are written
- The benefits of eBPF based cloud-native tools
- How to debug performance issues using eBPF tracing
Join our Office Hours to get your eBPF questions answered. We'll start with an overview of the capabilities that eBPF provides.
Our experts talk about:
- How eBPF programs are written
- The benefits of eBPF based cloud-native tools
- How to debug performance issues using eBPF tracing
- 2 participants
- 58 minutes
20 Jul 2020
Learn the do’s and don’ts of implementing a successful Kubernetes security strategy from hands-on practitioner Connor Gorman, principal engineer at StackRox. Listen to our first-ever virtual Office Hours to to hear the questions answered on the security challenges you must address and the best practices to follow. Questions answered were on how to:
- Shift security left by embedding security into the software supply chain
- Harden your Kubernetes infrastructure by enforcing configuration and compliance best practices
- Protect workloads running in production environments from external threats
- Ensure that security poses minimal operational risk
- Shift security left by embedding security into the software supply chain
- Harden your Kubernetes infrastructure by enforcing configuration and compliance best practices
- Protect workloads running in production environments from external threats
- Ensure that security poses minimal operational risk
- 3 participants
- 50 minutes