I had an amazing time at #CNSCon this week! I learned so much and talked with so many interesting people!
Here is a brief recap of some of my highlights
https://buff.ly/4cGrio0

#CNSCon comes to a close with an extremely fun, colorful, and engaging session:
The Story of Crush: The Microservice That Navigated the Cloud Native Ocean with a SPIFFE Identity from Mattias Gees of Venafi & Tom Meadows from Testifysec

#CNSCon continues into the afternoon of day 2 with
IAM Confused: Decoding 8 Real World Cloud Identity Breaches from Maya Levine of Sysdig

A very informative talk at #CNSCon
"Guardians of the Dataverse: Securing the AI Supply and Data Chain" from Frederick Kautz of TestifySec

A food-filled session post lunch at #CNSCon:
"A Mouthful of Mayhem: Taste Test and Gut Response to SLSA, GUAC, and Supply Chain’s Plat Du Jour" from Shane Lawrence from Shopify

#CNSCon continues with
"How to Generate VEX Automatically for Your Project" from Shlomo Heigh of CyberArk & Ben Hirschberg of ARMO

"Vulnerability in image is NOT equal to an application exploit"

Amplifying Impact: Documentation and Supply Chain Security
from Michelle Irvine from the DORA team at Google Cloud at #CNSCon

"Security drives an organization's performance"

Final keynote at #CNSCon
"We’re VEXing the Cloud Native Landscape. Bring Your Code!" from Adolfo García Veytia, Staff Software Engineer at Stacklok

At #CNSCon we got the pleasure of seeing A Vision for a Secure Software Supply Chain from Dr. Marina Moore from New York University

Attackers know that attacking dependencies means they can reach more victims, much more effectively.

Sugar Ray.io on K8s: Shut the Door, Baby! from Google's Greg Castle & Cynthia Thomas
At #CNSCon

#CNSCon keeps on rolling with "Security Education Through the Art of Storytelling" from Ann Wallace, Director of Product Security Education at Okta

We are all storytellers. We all want to make emotional connections.

Day 2 of #CNSCon is off to the races with
"Securing Kubernetes, the Upstream Way" from Rey Lejano, Solutions Architect, Red Hat

Hey #CNSCon

I am going to Rock Box tonight around 9:00.
Come sing some karaoke
https://rockboxseattle.com/index.html

Already at the last session of day one of #CNSCon
Learn to Navigate the Perils and Pitfalls of Multi-Tenant Identity Infrastructure - Fabienne Bühler & Livio Spring, from Zitadel

API Security: Code-to-Cloud Context for Complete Protection - Idan Plotnik, Apiiro & Patrick Sullivan, Akamai

#CNSCon

Thanks to everyone who came to my talk at #CNSCon
Here are the slides from today

https://buff.ly/3VFrTPF

Time to get hands-on at #CNSCon
Tutorial: Demystifying and Enabling Workload Identity Across the Cloud Native Ecosystem - from Andrew Block, Anjali Telang, and Trilok Geer, Red Hat; and Mariusz Sabath and Maia Iyer, IBM

#Spiffe #Spire

A fascinating discussion of "The Let'sEncrypt for Software Signing" at #CNSCon
Sigstore: Past, Present and Future Directions - Luke Hinds, Stacklok & Bob Callaway, Google

This was a very informative session at #CNSCon
SaaC – Security as a Culture, the Distributed Advocacy - Deep Patel, Cisco

Somehow my pics of this session all failed to save to my phone /

#CNSCon Keynote Panel: TAG Security, You're It! -
Moderated by Eddie Knight, Sonatype
Dr. Marina Moore
John Kjell
Brandt Keller
Michael Lieberman