2025-09-16 –, Bierstadt Lagerhaus Stage
Ozzie the Overconfident Operator has secured their cluster! They have done it all: role-based access control, encryption at rest, TLS…and as they congratulate themself on a job well done, Nova the Nefarious Ne’er-do-well watches from around the corner, drooling with anticipation. Spoiler alert⎯Ozzie is about to get HACKED.
In this talk, the speakers play the characters of Ozzie and Nova and playfully demo cluster security as Nefarious Nova exploits each of Ozzie’s security decisions. What can Overconfident Ozzie do when Nova gets the upper hand? How can Ozzie proactively keep Nova’s threats at bay?
Take security beyond the firewall and discover cloud native security concepts such as identity management, container image scanning and signing, creating and implementing policies, runtime security, and secrets management.
Learn security basics alongside Overconfident Ozzie, who is sure the cluster is COMPLETELY secure this time. There is nothing Nova can do to break… uh-oh. Not again!
‘Cluster security’ sounds innocent enough but once you scratch the surface you realize that there are actually a huge number of concerns that fall under this umbrella - with an even bigger number of tools and solutions. ‘Cluster security’ encompasses topics such as access control, cluster policy, runtime policy, managing confidential information, container image signing, image scanning, oh and what exactly is in your image, do you even know?
As a beginner how do you start learning this mountain of material? And there is a lot at stake!
Lewis Denham-Parry and I created the ‘Ozzie the Overconfident Operator’ and ‘Nova the Nefarious Ne’er-do-well’ characters to make learning these security concepts more tangible, accessible, and entertaining. And while I don’t expect to be able to address all facets of security during our talk, I do intend to teach the basics in a fun, memorable, and inclusive way that gives attendees a strong foundation for future learning.
Whitney is a kind and welcoming human who enjoys understanding and using tools in the cloud native landscape. Creative and driven, she has created and delivered two KubeCon keynotes, a VMware Explore keynote, and countless fun, funny, and informative community conference keynotes. You can catch her lightboard streaming show ⚡️ Enlightning on her YouTube channel, she co-hosts the streaming show You Choose! - a 'Choose-Your-Own-Adventure'-style journey through the CNCF landscape, she is one of the hosts of Cloud Native Live on the CNCF YouTube channel, and she co-hosts the podcast Software Defined Interviews. Whitney is a Senior Technical Advocate at Datadog.