February 1-2, 2023 | Seattle, WA
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2023 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -8. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
Back To Schedule
Wednesday, February 1 • 1:55pm - 2:30pm
Cloud Native Security Landscape: Myths, Dragons, and Real Talk - Edd Wilder-James & Loris Degioanni, Sysdig; Kim Lewandowski, Chainguard; Isaac Hepworth, Google; Randall Degges, Snyk

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The open source security landscape is moving fast, and affects you at all parts of the software lifecycle, from creating open source, to consuming it, to remedying vulnerabilities and detecting threats at runtime. The sheer number of moving parts represents great progress, but challenging when it comes to knowing what to prioritize. Do you like GUAC with your SLSA? Are you equipped to handle the latest OSS vulnerabilities? This panel will discuss where you should pay attention, what's real now, and what's coming in the future. Topics will include * From design-time to run-time: security is a multi-layer concern. All along the software development lifecycle, progress is being made in securing cloud-native, what are the most important projects to know about? * It's about the people, naturally: we're being told to "shift left" security focus to the developer, but are we ready for it? What are the challenges of connecting the security teams to developers and architects, and what really works? * What is real, what is myth? The field is full of hot takes, from grand ideas that won't take off, to draconian policies that throw the baby out with the bathwater. Where are the real risks, and how do you deal with the myths and the scares?


Edd Wilder-James

VP Open Source, Sysdig
Edd’s career spans open standards, open source, and data analytics, in roles covering technology, content, business, and strategy. At Sysdig, his team is committed to growing and investing in the open source security and observability stacks, including Falco, Prometheus and OPA... Read More →

Kim Lewandowski

Founder and Product, Chainguard
Kim Lewandowski — Co-Founder and Head of Product at Chainguard — is an engineer turned product manager. She started her career in the security space working for Lawrence Livermore Labs, and most recently worked for Google. She launched a number of cloud enterprise products and... Read More →

Isaac Hepworth

Product Manager, Google
Isaac is a Google product manager working on software supply chain integrity within Google’s core infrastructure team, focusing on open source. In this role his work has supported Google’s contributions to OpenSSF's Sigstore, SLSA, and most recently GUAC. Over the last couple... Read More →
avatar for Loris Degioanni

Loris Degioanni

CTO, Sysdig
Loris Degioanni is the CTO and founder of Sysdig. He is also the creator of the popular open source troubleshooting tool, sysdig, and the CNCF runtime security tool Falco. Prior to founding Sysdig, Loris was one of the original contributors to Wireshark, the open source network analyzer... Read More →
avatar for Randall Degges

Randall Degges

Head of Developer Relations & Community, Snyk
Randall leads Developer Relations and Community at Snyk. He has been writing software for ~20 years and has an extensive background in building and growing technical products.

Wednesday February 1, 2023 1:55pm - 2:30pm PST
Room 608
  101 Track