Andreas Falk has been working in enterprise application development projects for more than twenty years. Currently, he is working as a managing consultant for Novatec Consulting located in Germany. In various projects, he has since been around as consultant, architect, coach, developer, and tester. His focus is on the agile development of cloud-native enterprise java applications using the complete Spring platform. As a member of the Open Web Application Security Project (OWASP) and the OpenID Foundation, he likes to have a closer look at all aspects of application security as well. Andreas is also a frequent speaker at conferences and giving workshops.
With the rise of deploying applications to Kubernetes, developers cannot just stick to coding anymore. Instead we as developers have to deal with DevOps tasks like creating deployment manifests, providing the configuration and supporting logging and monitoring. All these things have to be done with security in mind.
To fully understand how to deploy secure applications into Kubernetes you have to understand the security concepts of containers.
This is why we will at first start into this deep dive session by looking into linux security basics that are important for containers.
Then we will step-by-step build and deploy a cloud-native java application to Kubernetes by following recommended security best-practices. During this talk you will learn more about building and scanning your container images, Kubernetes RBAC, pod security policies, open policy agent, secure secrets management and more.
Scheduled on Saturday from 12:10 to 14:10 in Stream 3