CloudNativeSecurityCon North America 2023: Schedule

7:30am PST

Continental Breakfast 🥐 6ABC Lobby Badge Pick-Up + Vaccine or Negative COVID-19 Test Verification 6ABC Lobby

9:00am PST

Keynote: Welcome + Opening Remarks - Priyanka Sharma, Executive Director, Cloud Native Computing Foundation Room 6AB

9:15am PST

Keynote: Fighting The Next War - Future Threats to OSS and Software Supply Chain Security - Brian Behlendorf, Managing Director, Open Source Security Foundation Room 6AB

9:30am PST

Sponsored Keynote: Cloud Security’s Hidden Force: Threat Detection - Loris Degioanni, Founder and CTO, Sysdig Room 6AB

9:35am PST

Keynote: Picture this! Solving Security Problems Visually with eBPF - Liz Rice, Chief Open Source Officer, Isovalent Room 6AB

9:50am PST

Sponsored Keynote: From Google to NIST — The Future of Cloud Native Security - Zack Butcher, Founding Engineer in Product, Tetrate Room 6AB

9:55am PST

Keynote: Learn by Hacking: How to Run a 2,500 Node Kubernetes CTF - Andrew Martin, CEO, ControlPlane & Andrés Vega, VP of Operations, ControlPlane Room 6AB

10:10am PST

Sponsored Keynote: Why Developer Laptop Security is Key to Securing Your CI/CD Pipeline - Saurabh Wadhwa, Senior Solutions Engineer, Uptycs Room 6AB

10:15am PST

Keynote: Closing Remarks - Emily Fox, Security Engineer, Apple; Liz Rice, Chief Open Source Officer, Isovalent; Brandon Lum, Software Engineer, Google Room 6AB

10:30am PST

Coffee Break ☕ Halls 6CE Solutions Showcase Halls 6CE

11:00am PST

Cryptographic Agility: Preparing Modern Apps for Quantum Safety and Beyond - Natalie Fisher, VMware Room 608 Identity Based Segmentation for a ZTA - Zack Butcher, Tetrate & Ramaswamy Chandramouli, National Institute of Standards and Technology Room 609 Network Security at Scale: L3 Through L7 at Splunk - Mitch Connors, Aviatrix & Bernard Van De Walle, Splunk Room 612 Standardization and Security - A Perfect Match - Ravi Devineni & Vinny Carpenter, Northwestern Mutual Room 602/603 How to Secure Your Supply Chain at Scale - Hemil Kadakia & Yonghe Zhao, Yahoo Room 606/607

11:50am PST

Yes, Application Security Leads to Better Business Value. Learn How from Experts. - Larry Carvalho, RobustCloud; Hillary Benson, Gitlab; Kirsten Newcomer, Red Hat; David Zendzian, VMware Room 608 On Establish a Production Zero Trust Architecture - Frederick Kautz, SPIFFE/SPIRE Room 612 What's a Zero-Trust Tunnel? Exploring Security and Simpler Operations with Istio Ambient Mesh - Jim Barton & Marino Wijay, Solo.io Room 609 An Introduction to Cloud Native Capture the Flag - Andrew Martin & Andres Vega, ControlPlane Room 615/616 More Than Just a Pretty Penny! Why You Need Cybersecurity in Your Culture - Callan Andreacchi & Michaela Flatau, Defense Unicorns Room 602/603 Package Transparency for WebAssembly Registries - Kyle Brown, SingleStore Room 606/607 So You Want to Run Your Own Sigstore: Recommendations for a Secure Setup - Hayden Blauzvern, Google Room 613/614

12:25pm PST

EmpowerUs Cloud Native Security Lunch Halls 6CE Lunch 🍲 Halls 6CE

1:55pm PST

⚡ Lightning Talk: Software Dark Matter is the Enemy of Software Transparency - Santiago Torres-Arias, Purdue University Room 602/603 Cloud Native Security Landscape: Myths, Dragons, and Real Talk - Edd Wilder-James & Loris Degioanni, Sysdig; Kim Lewandowski, Chainguard; Isaac Hepworth, Google; Randall Degges, Snyk Room 608 Avoiding IAC Potholes with Policy + Cloud Controllers - Andrew Martin, ControlPlane Room 609 From the Cluster to the Cloud: Lateral Movements in Kubernetes - Yossi Weizman & Ram Pliskin, Microsoft Room 612 OmniBOR: Bringing the Receipts for Supply Chain Security - Frederick Kautz, SPIFFE/SPIRE Room 606/607 Securing Self-Hosted GitHub Actions with Kubernetes and Actions-Runner-Controller - Natalie Somersall, GitHub Room 613/614

2:00pm PST

⚡ Lightning Talk: A Secure Software Supply Chain for Open Policy Agency (OPA) Policies - Omri Gazitt, Aserto Room 602/603

2:05pm PST

⚡ Lightning Talk: My First Supply Chain Security Pull Request as a 13-Year-Old - Neil Naveen, Middle School Room 602/603

2:10pm PST

⚡ Lightning Talk: Cloud(Security)Events -- A Lightweight Framework for Security Reactions - Evan Anderson, VMware Room 602/603

2:15pm PST

⚡ Lightning Talk: Securing Your Source Repositories - 5 Tips to Get Started! - Billy Lynch, Chainguard Room 602/603

2:45pm PST

Beyond Cluster-Admin: Getting Started with Kubernetes Users and Permissions - Tiffany Jernigan, VMware Room 608 Zero Trust Workload Identity in Kubernetes - Michael Peters, Red Hat Room 609 From Illuminating to Eliminating Crypto Jacking Techniques in Cloud Native - Mor Weinberger, Aqua Security Room 612 Demystifying Zero-Trust for Cloud Native Technologies - Kishore Nadendla, TIAA; Mariusz SABATH, IBM Research; Asad Faizi, Eskala.io; Aradhna Chetal, CNCF Security TAG; Philip Griffiths, NetFoundry Room 602/603 Unpacking Open Source Security in Public Repos & Registries - Ben Hirschberg, ARMO Room 613/614 🦝 Let’s Talk Software Supply Chains with TAG Security - Michael Lieberman, Kusari Room 606/607

3:20pm PST

Coffee Break ☕ Halls 6CE

3:50pm PST

Who Are You? I Really Want to Know… the Magic Behind OIDC - Eddie Zaneski, Chainguard Room 608 Securing User to Service Access in Kubernetes - Maya Kaczorowski & Maisem Ali, Tailscale Room 609 Get Your Security Priorities Straight! How to Identify Workloads Under Real Threat with Context - Ben Hirschberg, ARMO & Arie Haenel, Intel Room 612 Security as Code: A DevSecOps Approach - Xavier René-Corail, GitHub Room 602/603 How Do You Trust Your Open Source Software? - Naveen Srinivasan, Endor Labs & Brian Russell, Google Room 613/614 Verifiable GitHub Actions with eBPF - Jose Donizetti & Itay Shakury, Aqua Security Room 606/607

4:40pm PST

Cloud Native Security 101: Building Blocks, Patterns and Best Practices - Rafik Harabi, Sysdig Room 608 Improving Secure Pod-to-Pod Communication Within Kubernetes Using Trust Bundles - Thomas Edward Hahn, TCB Technologies, Inc & Mark Hahn, Qualys Room 609 Finding the Needles in a Haystack: Identifying Suspicious Behaviors with eBPF - Jeremy Cowan & Wasiq Muhammad, Amazon Web Services Room 612 Security Does Not Need to Be Fun: Ignoring OWASP to Have a Terrible Time - Dwayne McDaniel, GitGuardian Room 602/603 Securing Diverse Supply Chains Across Interconnected Systems - Wayne Starr, Defense Unicorns & Aaron Creel, SpaceX Room 606/607

5:15pm PST

Sponsor Booth Crawl Halls 6CE

7:30am PST

Continental Breakfast 🥐 6ABC Lobby Badge Pick-Up + Vaccine or Negative COVID-19 Test Verification 6ABC Lobby

9:00am PST

Keynote: Opening Remarks - Liz Rice, Chief Open Source Officer, Isovalent Room 6AB

9:05am PST

Keynote: Panic in San Francisco: The Critical Vulnerability That Wasn't - Shane Lawrence, Staff Infrastructure Security Engineer, Shopify Room 6AB

9:20am PST

Sponsored Keynote: OpenClarity: A Community-Led Approach to Cloud-Native Application Security - Sarabjeet Chugh, Senior Director, Global Head of Product-Led Growth, Cisco Room 6AB

9:25am PST

Keynote: It Takes a Community to Raise a Conference: From Security Day to CloudNativeSecurityCon - Emily Fox, Security Engineer, Apple Room 6AB

9:40am PST

Keynote: Back to the Future: Next-Generation Cloud Native Security - Matt Jarvis, Director of Developer Relations, Snyk Room 6AB

9:55am PST

Sponsored Keynote: Trust and Risk in the Software Supply Chain - Emmy Eide, Director, Product Security, Red Hat Room 6AB

10:00am PST

Keynote: The Next Steps in Software Supply Chain Security - Brandon Lum, Software Engineer, Google Room 6AB

10:15am PST

Sponsored Keynote: Kubernetes is the Perfect Platform for Enforcing Zero Trust Security - Fei Huang, VP Security Product Strategy, SUSE Room 6AB

10:20am PST

Keynote: Closing Remarks - Emily Fox, Security Engineer, Apple; Liz Rice, Chief Open Source Officer, Isovalent; Brandon Lum, Software Engineer, Google Room 6AB

10:30am PST

Coffee Break ☕ Halls 6CE Solutions Showcase Halls 6CE Capture The Flag Experience Room 615/616

11:00am PST

Journey to Cloud-Native, K8s and Trying to Secure It. - Graham E. Chukwumaobi, Independent Room 608 Zero Trust in the Cloud with WebAssembly and WasmCloud - Kevin Hoffman, Cosmonic Room 609 Mapping Motives Tells a Story: Analysis of 2,000 Enterprise Cloud Detections - David Wolf & Joshua Smith, Devo Room 612 Learning from Supply Chain Failures and Best Practices in Other Industries - Demian Ginther, Superorbital, LLC Room 613/614 SBOMs, VEX, and Kubernetes - Kiran Kamity, Deepfactor; Jonathan Meadows , Citi; Dr. Allan Friedman, Cybersecurity and Infrastructure Security Agency; Andrew Martin, Control Plane; Rose Judge, VMware Room 606/607 Tutorial: How to Build a K8s Admission Controller from Scratch! - Stephen Giguere, Bridgecrew; Angela Gizzi, LaunchDarkly; Matt Johnson, Prisma Cloud by PANW Room 602/603

11:50am PST

Handling JWTs: Understanding Common Pitfalls - Bruce MacDonald, InfraHQ Room 608 Good Fences Make Good Neighbors: Making Cross-Namespace References More Secure with ReferenceGrant - Nick Young, Isovalent Room 609 CSI Container: Can You DFIR It? - Alberto Pellitteri & Stefano Chierici, Sysdig Room 612 Delivering Secure Healthcare Applications with OSS - Robert Wood, Centers for Medicare and Medicaid Services (CMS) & Gedd Johnson, Defense Unicorns Room 613/614 Self Healing GitOps: Continuous, Secure GitOps Using Argo CD, Helm and OPA - Upkar Lidder , Tenable Room 606/607

12:25pm PST

Lunch 🍲 Halls 6CE 🦝 TAG Security Lunch Halls 6CE

1:55pm PST

🦝 Security Threat Modeling Live from Scratch Session - Andrew Martin, Control Plane Room 608 Solving Multi-Service Without a Service Mesh - Evan Anderson, VMware Room 609 The Four Golden Signals of Security Observability - Duffie Cooley, Isovalent Room 612 Container Factory for Aerospace & Defense Enterprises - Sarah Miller & Melissa Robertson, Collins Aerospace Room 613/614 Spicing up Container Image Security with SLSA & GUAC - Ian Lewis, Google Room 606/607 Tutorial: Hands-on Hacking Kubernetes and Ways to Prevent It - Eric Smalling, Snyk Room 602/603

2:45pm PST

🦝 A Sneak Peak Into Security Reviews with the Community - Ragashree MC, Carnegie Mellon University Room 608 Taming Attestation for the Cloud Native World with Parsec - Paul Howard, Arm Room 609 Do This, Not That – Lessons from 7 Headline Grabbing Security Breaches - Maya Levine, Sysdig Room 612 12 Essential Requirements for Policy Enforcement and Governance with OSCAL - Robert Ficcaglia, SunStone Secure, LLC Room 613/614 Modifying the Immutable: Attaching Artifacts to OCI Images - Brandon Mitchell, BoxBoat, an IBM Company Room 606/607

3:20pm PST

Coffee Break ☕ Halls 6CE

3:50pm PST

Securing the Superpowers: Who Loaded That EBPF Program? - John Fastabend & Natalia Reka Ivanko, Isovalent Room 608 When SysAdmins Quit: Protecting Kubernetes Clusters When the Owner of Multiple Admin KUBECONFIGs Quits - Arun Krishnakumar, VMware Room 609 Container Patching: Making It Less Gross Than the Seattle Gum Wall - Greg Castle & Weston Panther, Google Room 613/614 🦝 TAG Security Cloud Native Security Whitepapers Overview - Shlomo Zalman Heigh, CyberArk Room 602/603 Not All That’s Signed Is Secure: Verify the Right Way with TUF and Sigstore - Zachary Newman, Chainguard, Inc. & Marina Moore, New York University Room 612 Security That Enables: Breaking Down Security Silos in the DevOps Ecosystem - Saurabh Wadhwa, Uptycs Room 606/607

4:40pm PST

CNI or Service Mesh? Comparing Security Policies Across Providers - Rob Salmond, SuperOrbital & Christine Kim, Google Room 608 Security++: Hide Your Secrets via a Distributed Hardware Security Module - Iris Ding & Malini Bhandaru, Intel Room 609 Sharing Security Secrets: How to Encourage Security Advocates - Cailyn Edwards, Shopify Room 613/614 "Keyless" Code Signing Without Fulcio - Nathan Smith, Chainguard Room 606/607 Leveraging SBOMS to Automate Packaging, Transfer, and Reporting of Dependencies Between Secure Environments - Ian Dunbar-Hall & Jerod Heck, Lockheed Martin Room 612