Cloud Native Security

Digital Developer Conference

On-demand Replays

The Digital Developer Conference: Cloud Native Security is your free opportunity to develop skills with the leading open source tools needed to build smart and secure cloud native applications. Led by subject matter experts from IBM and Red Hat, these session and lab replays offer beginners and experts alike an opportunity to explore techniques in Application Security, Data Security, and DevSecOps.

Application Security

Protect your application and secure cluster access, network, pods and containers, keys and credentials.

Day 1: July 1, 2020

  • Speakers: Dan Walsh

    The Opening Keynote will cover ideas on container security. Dan will explain the three entities involved in running a container, and explain how each entity has influence on the security of the container. Dan will explain ideas on how we can do this in as user friendly manner as possible.

  • Speakers: Chris WeberIlene Seelemann

    Ilene uses an example of a simple cloud native web application to discuss how, where and when to apply a security-centric approach to build a secure solution. She will touch on topics like secure handling of credentials, secure coding practices and DevSecOps. She will discuss development-time considerations, as well as runtime considerations.

  • Speakers: Chris PooleMatt Levan

    This talk will begin with a technical overview of IBM Cloud Hyper Protect Virtual Servers, providing a Linux-based environment on IBM Z to develop secure applications. Then from the IBM Storage team, we learn how they've developed open source plug-ins based on CSI specification to connect high performance file and block storage arrays to container frameworks so that applications can be securely deployed on persistent storage.

  • Speakers: Jayashree Ramanathan

    Enterprises must meet internal standards for software engineering, secure engineering, resiliency, security, and regulatory compliance for workloads hosted on hybrid clouds. Doing so using manual processes is error prone and expensive, and also makes it hard to easily determine overall security and compliance posture. A policy based governance approach addresses these concerns, allows enterprises to gain visibility and drive remediation for various security and configuration aspects to meet enterprise standards and making it easier for enterprises to adopt secure hybrid cloud. Further, applying this governance approach using "open source" principles results in collaboration across multiple vendors and standards organizations. Jaya will illustrate this approach using the Open Cluster Management community project and Red Hat Advanced Cluster Management product offering that utilizes this project.

  • Speakers: Troy Fisher

    Secure containers are the fundamental building blocks of secure Kubernetes pods. Troy will talk about building and maintaining a secure container environment and cover the entire container stack from host, daemon, image to container.

  • Speakers: Krithika Prakash

    Krithika will focus on key security strategies and best practices to design and implement a highly secure API system in a hybrid cloud environment. She will outline the architecture and features of APIConnect and DataPower Gateway and how they can be used in a truly seamless manner.  Understanding the various layers of security and the key concepts in applying the right security standard will tremendously help in securing enterprises. IBM APIConnect and DataPower Gateway can manage and secure APIs without compromising on the performance.  As you build your applications and services for the cloud, application security cannot be an an after thought and should be built from the ground up.

  • Speakers: Ron Craig

    Encryption keys and passwords are "keys to the kingdom." Acquiring them allows attackers to open all kinds of doors, and yet developers are often careless. As a result, keys fall victim to reverse engineering and software vulnerabilities such as Path Traversal, XML External Entities (XXE), Local File Inclusion, and others. Ron will review the most common methods of storing credentials and best practices for storing them, such as using key stores. However, an important issue remains -- how do you secure the Master Key? The security of this "key that secures other keys" or the Key Encrypting Key (KEK) is critical. Ron will discuss several low cost, preferred ways for securely storing KEKs, from hardware to software, and their relative costs, including a novel approach that is resistant to remote attacks up to and including path traversal vulnerabilities.

  • Speakers: Bob Kalka

    The closing keynote will detail the three trends having the most dramatic influence on cybersecurity programs and investments today.

  • Speakers: Aya Tokura

    During the Kubernetes Networking hands-on lab you will learn Kubernetes Networking essentials and gain hands-on skills to implement access control to your cluster using service types from ClusterIP, NodePort, LoadBalancer to Ingress and Network Policies with Calico.

Meet the speakers

We've assembled the best technical leaders across IBM and Red Hat to share their expertise and help elevate your skills with the open source techniques you want for the technology you need.

  • Aya Tokura

    Senior Developer Advocate (IBM)

    View this speaker
  • Beat Buesser

    Research Staff Member (IBM Research)

    View this speaker
  • Bob Kalka

    CRISC, CDPSE, Vice President of the IBM Security Business Unit (IBM)

  • Brandon Lum

    Senior Software Engineer, Container Security, at IBM Research

    View this speaker
  • Charles Brown

    Distinguished Engineer (DE), Cloud Engagement Hub, Financial Services Ready Cloud (IBM)

  • Chris Poole

    Lead Developer Advocate & Master Inventor

    View this speaker
  • Chris Weber

    IBM Cloud Garage Developer

  • Dan Walsh

    "Mr SELinux" Senior Distinguished Engineer (SDE), Head of Container Engineering (Red Hat)

  • Enrique Encalada

    Software Engineer, IBM

  • Gregory I Hanson

    Istio Contributor, Staff Software Engineer (IBM)

  • Harmeet Singh

    Client Solutions Architect, IBM Global Markets

  • Ilene Seelemann

    Senior Technical Staff Member (STSM), IBM Garage Cloud Architect and Security Technical Lead

  • Jan Cerny

    Software Engineer - Platform Security, Red Hat

  • Jayashree Ramanathan

    Chief Security and Governance Architect, Red Hat

  • Jordan Zhang

    Senior Software Developer, IBM

  • Kris Nova

    Chief Open Source Advocate, Sysdig

  • Krithika Prakash

    Senior Technical Staff Member (STSM), Cloud Integration Architect

    View this speaker
  • Mariusz Sabath

    IBM Master Inventor, Senior Software Engineer, Next Generation Containers and Cloud Technologies (IBM Research)

  • Matt Levan

    Storage Solutions Architect (IBM)

  • Nigel Brown

    Developer Advocate (IBM)

  • Oliver Rodriguez

    Client Developer Advocate at IBM

    View this speaker
  • Ron Craig

    Program Manager, Secure Engineering (IBM)

  • Rosalind Radcliffe

    Distinguished Engineer, Chief Architect for DevOps for Enterprise Systems

    View this speaker
  • Simon Lukasik

    Principal Software Engineer, Red Hat

  • Stefan Schmitt

    Senior Technical Staff Member (STSM), IBM Hyper Protect Cloud Services (IBM)

    View this speaker
  • Troy Fisher

    Ethical Hacker, X-Force Ethical Hacking Team, at IBM

    View this speaker

See all the speakers

Earn digital badges

A digital badge is an online, shareable, industry-wide, recognizable form of achievement. You can use them to showcase your hard work and commitment to professional growth.

Cloud Native Security - Application Security
Cloud Native Security - Data Security
Cloud Native Security - DevSecOps