DevSecOps in Kubernetes - Thomas Fricke

About the video

Practical experiences implementing security in critical infrastructure projects. The talk is about how to or how to not implement cloud native projects in highly regulated environments. You will get some insights into real world projects where Kubernetes is used to run the latest applications controlling critical infrastructure in Germany and Europe. The examples include container hardening and how to convince developers to deliver minimal and compliant containers, onboarding security team members to get the Sec into DevOps, running CI/CD pipelines with 3rd party vendors, air gapped cloud native architectures and running clusters with the highest availability.