Loading…
In-person + Virtual
18-21 April
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
Friday, April 21 • 14:55 - 15:30
Practical Challenges with Pod Security Admission - V Körbes & Christian Schlotter, VMware

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.


A big reason we love Pod Security Admission is that it's so easy and simple to use. But here's a challenge that comes with implementing Pod Security Admission: there's always a workload that needs too many privileges to run, and then it needs to get a pass from the security controls. One way to address this unsecured footprint is to break down all the different services, applications, and packages into their separate component parts, leaving the bits that need privileges privileged, and locking down everything else. There's a whole art to that – we'll talk about it. But 'principle of least privilege' doesn't mean zero privilege so... What do we do when that privilege gets exploited? We welcome it with a node that has nothing valuable whatsoever, is what! And there's a whole art to that too – we'll talk about it. In this presentation attendees will get an overview of the challenges that come with implementing Pod Security Admission in the real world, and tap on the speaker's experience working with partner companies to solve them.
Speakers
avatar for V Körbes

V Körbes

Senior Product Line Manager, VMware
At VMware, V works on security for Tanzu Kubernetes Platform. Before that, they’ve done extensive work in the development experience side of the Kubernetes ecosystem, as Head of Product at Tilt, and previously at Garden. They got their start in the ecosystem by building Kubernetes... Read More →
avatar for Christian Schlotter

Christian Schlotter

Senior Member of Technical Staff, VMware
Christian is a Senior Member of Technical Staff at VMware.He is an active contributor and reviewer to the Cluster API project of SIG Cluster Lifecycle as well as emeritus maintainer of the Cluster API Provider OpenStack. Since messing up his fathers internet dial-up connection in... Read More →

Practical Challenges With Pod Security Admission pdf
Friday April 21, 2023 14:55 - 15:30 CEST
Auditorium + Balcony | Ground + First Floor | Congress Centre
  Security + Identity