Cloud Native Security

Digital Developer Conference

On-demand Replays

The Digital Developer Conference: Cloud Native Security 2020 is your free opportunity to develop skills with the leading open source tools needed to build smart and secure cloud native applications. Led by subject matter experts from IBM and Red Hat, these session and lab replays offer beginners and experts alike an opportunity to explore techniques in Application Security, Data Security, and DevSecOps.

Application Security

Protect your application and secure cluster access, network, pods and containers, keys and credentials.

Day 1: July 1, 2020

  • The Opening Keynote will cover ideas on container security. Dan will explain the three entities involved in running a container, and explain how each entity has influence on the security of the container. Dan will explain ideas on how we can do this in as user friendly manner as possible.

    Dan Walsh

    Enter this session

  • Ilene uses an example of a simple cloud native web application to discuss how, where and when to apply a security-centric approach to build a secure solution. She will touch on topics like secure handling of credentials, secure coding practices and DevSecOps. She will discuss development-time considerations, as well as runtime considerations.

    Chris WeberIlene Seelemann

    Enter this session

  • This talk will begin with a technical overview of IBM Cloud Hyper Protect Virtual Servers, providing a Linux-based environment on IBM Z to develop secure applications. Then from the IBM Storage team, we learn how they've developed open source plug-ins based on CSI specification to connect high performance file and block storage arrays to container frameworks so that applications can be securely deployed on persistent storage.

    Chris PooleMatt Levan

    Enter this session

  • Enterprises must meet internal standards for software engineering, secure engineering, resiliency, security, and regulatory compliance for workloads hosted on hybrid clouds. Doing so using manual processes is error prone and expensive, and also makes it hard to easily determine overall security and compliance posture. A policy based governance approach addresses these concerns, allows enterprises to gain visibility and drive remediation for various security and configuration aspects to meet enterprise standards and making it easier for enterprises to adopt secure hybrid cloud. Further, applying this governance approach using "open source" principles results in collaboration across multiple vendors and standards organizations. Jaya will illustrate this approach using the Open Cluster Management community project and Red Hat Advanced Cluster Management product offering that utilizes this project.

    Jayashree Ramanathan

    Enter this session

  • Secure containers are the fundamental building blocks of secure Kubernetes pods. Troy will talk about building and maintaining a secure container environment and cover the entire container stack from host, daemon, image to container.

    Troy Fisher

    Enter this session

  • Krithika will focus on key security strategies and best practices to design and implement a highly secure API system in a hybrid cloud environment. She will outline the architecture and features of APIConnect and DataPower Gateway and how they can be used in a truly seamless manner.  Understanding the various layers of security and the key concepts in applying the right security standard will tremendously help in securing enterprises. IBM APIConnect and DataPower Gateway can manage and secure APIs without compromising on the performance.  As you build your applications and services for the cloud, application security cannot be an an after thought and should be built from the ground up.

    Krithika Prakash

    Enter this session

  • Encryption keys and passwords are "keys to the kingdom." Acquiring them allows attackers to open all kinds of doors, and yet developers are often careless. As a result, keys fall victim to reverse engineering and software vulnerabilities such as Path Traversal, XML External Entities (XXE), Local File Inclusion, and others. Ron will review the most common methods of storing credentials and best practices for storing them, such as using key stores. However, an important issue remains -- how do you secure the Master Key? The security of this "key that secures other keys" or the Key Encrypting Key (KEK) is critical. Ron will discuss several low cost, preferred ways for securely storing KEKs, from hardware to software, and their relative costs, including a novel approach that is resistant to remote attacks up to and including path traversal vulnerabilities.

    Ron Craig

    Enter this session

  • The closing keynote will detail the three trends having the most dramatic influence on cybersecurity programs and investments today.

    Bob Kalka

    Enter this session

  • During the Kubernetes Networking hands-on lab you will learn Kubernetes Networking essentials and gain hands-on skills to implement access control to your cluster using service types from ClusterIP, NodePort, LoadBalancer to Ingress and Network Policies with Calico.

    Aya Tokura

    Enter this session

Meet the speakers

We've assembled the best technical leaders across IBM and Red Hat to share their expertise and help elevate your skills with the open source techniques you want for the technology you need.

  • Aya Tokura

    Senior Developer Advocate (IBM)

  • Beat Buesser

    Research Staff Member (IBM Research)

  • Bob Kalka

    CRISC, CDPSE, Vice President of the IBM Security Business Unit (IBM)

  • Brandon Lum

    Senior Software Engineer, Container Security, at IBM Research

  • Charles Brown

    Distinguished Engineer (DE), Cloud Engagement Hub, Financial Services Ready Cloud (IBM)

  • Chris Poole

    Lead Developer Advocate & Master Inventor

  • Chris Weber

    IBM Cloud Garage Developer

  • Dan Walsh

    "Mr SELinux" Senior Distinguished Engineer (SDE), Head of Container Engineering (Red Hat)

  • Enrique Encalada

    Software Engineer, IBM

  • Gregory I Hanson

    Istio Contributor, Staff Software Engineer (IBM)

  • Harmeet Singh

    Client Solutions Architect, IBM Global Markets

  • Ilene Seelemann

    Senior Technical Staff Member (STSM), IBM Garage Cloud Architect and Security Technical Lead

  • Jan Cerny

    Software Engineer - Platform Security, Red Hat

  • Jayashree Ramanathan

    Chief Security and Governance Architect, Red Hat

  • Jordan Zhang

    Senior Software Developer, IBM

  • Kris Nova

    Chief Open Source Advocate, Sysdig

  • Krithika Prakash

    Senior Technical Staff Member (STSM), Cloud Integration Architect

  • Mariusz Sabath

    IBM Master Inventor, Senior Software Engineer, Next Generation Containers and Cloud Technologies (IBM Research)

  • Matt Levan

    Storage Solutions Architect (IBM)

  • Nigel Brown

    Developer Advocate (IBM)

  • Oliver Rodriguez

    Client Developer Advocate at IBM

  • Ron Craig

    Program Manager, Secure Engineering (IBM)

  • Rosalind Radcliffe

    Distinguished Engineer, Chief Architect for DevOps for Enterprise Systems

  • Simon Lukasik

    Principal Software Engineer, Red Hat

  • Stefan Schmitt

    Senior Technical Staff Member (STSM), IBM Hyper Protect Cloud Services (IBM)

  • Troy Fisher

    Ethical Hacker, X-Force Ethical Hacking Team, at IBM

See all the speakers

Earn digital badges

A digital badge is an online, shareable, industry-wide, recognizable form of achievement. You can use them to showcase your hard work and commitment to professional growth.

Cloud Native Security - Application Security
Cloud Native Security - Data Security
Cloud Native Security - DevSecOps