11-10, 17:45–18:15 (MST), Theater
In the evolving cloud native landscape of software development, the paradigm of "shifting left" has championed embedding security, and its complexity, into the development lifecycle (SDLC). Platform Engineering challenges that convention by advocating for a "shift down" strategy—integrating a strong security posture as a core component of the platform, particularly with Kubernetes, rather than overwhelming the development teams.
Platform engineering teams can embed governance and scalable security controls within the infrastructure, freeing developers to focus on code and business value, instead of being an afterthought or a blocker for the developers productivity.
With this talk, attendees will walk away with real life examples based on successful implementations for regulated entities like financial companies, including actionable best practices about cloud native security controls and threat models.
In my current role at RBC - Royal Bank of Canada, I lead the Kubernetes Security program, overseeing security architecture, cloud threat research, threat modeling, and risk assessment of cloud designs and patterns.
Additionally, I collaborate closely with our strategic partners, cultivating and sustaining business relationships with third-party providers, including Microsoft/Google Product teams, and emerging cloud security startups.
Customer Success Engineer at Humanitec and CNCF Ambassador, I’m passionate about Cloud Native Computing technologies driven by Open Source, Cloud, Security, SRE, Containers, DevOps, Platform Engineering and Kubernetes. Based on my past experiences as software engineer, IT consultant and solution architect, I now focus my work more and more on usability of products, driven by how I could improve the developers and end-users experience with docs, samples and products.