Malte Isberner is a Principal Engineer at StackRox, where he designs and builds the StackRox Kubernetes Security Platform. He has worked on a broad range of features, from kernel-level collection techniques over tools for simplifying the operationalization of security-relevant features like network policies, to the overall platform architecture. He is also Managing Director of StackRox's German subsidiary, StackRox GmbH, building out a Germany-based engineering team.
Malte holds a Ph.D. in Computer Science from TU Dortmund University. Before StackRox, he was working at Google to protect Android users from malicious and fraudulent applications.
Level Up Your Security—A Practical Path from Default to Defended
Do you know everything running in your clusters? Which pods would an attacker get to first, and would
they be able to burrow into the rest of your cluster?
This talk introduces a phased approach you can use to improve your Kubernetes security posture,
whether you’ve already made some progress or are just starting out. Find out practices that make
everyone’s lives easier, like writing useful annotations; controls you can adopt app-by-app, like ingress
network policies, read-only file systems, and resource limits; changes that are self-contained, like limiting
API server network access and replacing cluster-admins; and more. And, learn how you can encourage
security improvements by using enforcement with empathy.
You’ll leave with ideas on how to get your clusters in better security shape using native Kubernetes
controls, and how to stay friends with your teammates in the process.