Get your ticket or log in to build your agenda.

PRO SESSION (MICROSERVICES): How Can Thee Automate Security as Code in Kubernetes Pipelines? Let Me Count the Ways


Jorn Knuttila
NeuVector, Solution Engineer

Jorn is a bearded, bumbling Nordic geek from the frozen tundra surrounding Minneapolis, MN (a suburb of Canada, doncha know!) playing Solution Engineer and DevRel Advocate at NeuVector. Understanding the business behind the technology makes Jorn a uniquely qualified guide to the container security journey. With over 25 years in IT, at industry leaders like IBM, Rundeck CenturyLink and Savvis, and experience as a practitioner, Jorn has lots of stories about ruining things on the Internet before there even was an Internet, uphill both ways, in the snow. After many years doing really big things at really big companies, he's disturbingly excited about being a part of the awesomeness that is NeuVector. Ask him why.


For DevOps and DevSecOps teams, implementing security-as-code is among the highest of mountaintops…and yet still so seldom achieved. Dev teams certainly recognize the advantages of automatically integrating security across the entire software development lifecycle – but they’re too often daunted by the challenge of automating security policies within rapidly changing Kubernetes environments. While it’s now standard practice to automate vulnerability scanning, creating security policies to protect production workloads has, unfortunately, remained a manual, tedious, and error-prone process.

However, by leveraging Kubernetes custom resources, DevOps teams have opportunities at-the-ready to successfully – and pretty easily! – implement security policies as code. Getting it right means fully automating security across the entire CI/CD pipeline.

Attendees of this presentation should expect these takeaways:

• How to use Kubernetes custom resource definitions (CRDs) to implement security policy as code.
• What can and should be a declarative configuration for security policies in Kubernetes.
• Why network inspection is so essential to implement in a Kubernetes environment.
• How to secure communications among microservices and achieve network visibility.
• A demonstration of how to easily and beneficially apply security policies and introduce fully automated security-as-code for Kubernetes.