By Joe Collins
DevSecCon London kicked off their event calendar for the year last night with their very first in-person event! Thank you to Sam Hepburn and the community team at Snyk for providing the amazing office space in Hackney as well as food and drink for all those who attended (sorry to those who joined remotely!).
We were first off taken on a journey through eBPF for Cloud Native Security by Liz Rice, Chief Open Source Officer @Isovalent. With demos galore, she showed off the potential for eBPF to help us in many areas, including security observability, network policy with Cilium and runtime protection with Tetragon.
Liz’s talk generated a lot of discussion, and there was no shortage of questions competing for the title of ‘best question’. With prizes on the line (copies of Liz’s books ‘Learning eBPF’ and ‘What is eBPF’), the discussion ranged from the dangers of malicious eBPF code to whether eBPF will make the sidecar model obsolete.
From whether the future of sidecars is in danger, to the talk of a thousand sidecars, our very own James Callaghan (Cloud Native Security Architect) and Ric Featherstone (Head of Engineering) took the stage next to discuss what can go wrong when you trust nobody.
The theme of the talk was threat modelling Zero Trust. James outlined the threat modelling process and how Zero Trust architectures can be built, based on the principles of cryptographically strong workload identity, and using policy engines to strictly enforce authorisation decisions based on workloads' identity documents.
Ric then demonstrated the benefits of building a working prototype when threat modelling, and showed off the example Zero Trust architecture in action. Ric’s demo included a custom method of signing Open Policy Agent (OPA) bundles, using keys stored in a cloud provider Key Management System.
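To make the two ideas above concrete (authorisation decisions driven by a workload's identity document, and a policy bundle whose integrity is anchored in a key that never leaves a KMS), here is an added, self-contained Python sketch. It is not Ric's demo code and not OPA's own bundle-signing format: `FakeKms`, `IdentityDocument`, the SPIFFE-style IDs and the `policy.json` contents are all constructed for illustration, and an HMAC stands in for the asymmetric KMS key so the example runs offline.

```python
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass


class FakeKms:
    """Constructed stand-in for a cloud KMS: callers get sign()/verify() but never the key.

    A real KMS would hold an asymmetric key and the policy engine would only need the
    public half; HMAC-SHA256 is used here purely to keep the example dependency-free.
    """

    def __init__(self, secret: bytes):
        self._secret = secret

    def sign(self, message: bytes) -> str:
        mac = hmac.new(self._secret, message, hashlib.sha256).digest()
        return base64.b64encode(mac).decode()

    def verify(self, message: bytes, signature: str) -> bool:
        return hmac.compare_digest(self.sign(message), signature)


def _canonical(manifest: dict) -> bytes:
    # Deterministic encoding so signer and verifier hash exactly the same bytes.
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


def build_signed_bundle(files: dict, kms: FakeKms) -> dict:
    """Bundle = policy files + manifest of their SHA-256 digests + KMS signature over the manifest."""
    manifest = {name: hashlib.sha256(body.encode()).hexdigest() for name, body in files.items()}
    return {"files": dict(files), "manifest": manifest, "signature": kms.sign(_canonical(manifest))}


def verify_bundle(bundle: dict, kms: FakeKms) -> bool:
    """Reject the bundle if the manifest signature, the file set, or any file digest does not match."""
    manifest = bundle["manifest"]
    if not kms.verify(_canonical(manifest), bundle["signature"]):
        return False
    if set(manifest) != set(bundle["files"]):  # added or removed files
        return False
    return all(
        hashlib.sha256(bundle["files"][name].encode()).hexdigest() == digest
        for name, digest in manifest.items()
    )


@dataclass
class IdentityDocument:
    """Constructed stand-in for a workload identity document (SPIFFE-style ID plus expiry)."""
    spiffe_id: str
    expires_at: int  # unix seconds


def authorize(bundle: dict, kms: FakeKms, identity: IdentityDocument,
              resource: str, action: str, now: int) -> bool:
    """Policy-engine stand-in: default deny; allow only when the bundle verifies, the
    identity document is unexpired, and the policy grants (resource, action) to that ID."""
    if not verify_bundle(bundle, kms):
        return False
    if identity.expires_at <= now:
        return False
    policy = json.loads(bundle["files"]["policy.json"])
    return action in policy.get(identity.spiffe_id, {}).get(resource, [])


# Constructed sample bundle contents: which workload identity may do what.
POLICY_FILES = {
    "policy.json": json.dumps({
        "spiffe://example.org/ns/payments/sa/api": {"ledger": ["read", "write"]},
        "spiffe://example.org/ns/web/sa/frontend": {"ledger": ["read"]},
    }),
    "README": "constructed sample bundle for illustration only",
}


if __name__ == "__main__":
    kms = FakeKms(b"constructed-secret-never-exported")
    bundle = build_signed_bundle(POLICY_FILES, kms)
    api = IdentityDocument("spiffe://example.org/ns/payments/sa/api", expires_at=2000)
    print("bundle verifies:", verify_bundle(bundle, kms))
    print("api may write ledger:", authorize(bundle, kms, api, "ledger", "write", now=1000))
    print("api after expiry:", authorize(bundle, kms, api, "ledger", "write", now=3000))
```

The two checks that matter for the threat model are that a bundle edited after signing (or signed with a different key) is refused outright, so a tampered policy can never be loaded, and that every decision falls through to deny unless the identity document is valid and the policy explicitly grants the action.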
If you aren’t currently a part of this community, it’s never too late to get involved. Sign up via the ‘Get Involved | DevSecCon’ page and we will hopefully see you at the next one!