ControlPlane at KubeCon NA '23 Chicago

KubeCon North American 2023 is this week, and ControlPlane is proud to both sponsor and participate in community events. Here’s a list of our activities across the week - add us to your schedule and come and learn from our team about the latest trends and developments in Cloud Native security.

• Monday 6th November
  • Kubernetes Contributor Summit
  • EnvoyCon
  • ArgoCon
• Tuesday 7th November
  • SECURITY HUB: An Introduction to Cloud Native Capture the Flag
• Wednesday 8th November
  • #SECURITY HUB: Capture the Flag
• Book Signing
• Booth

Monday 6th November

Kubernetes Contributor Summit

Join us for an exciting talk on Updating the Kubernetes Threat Model!

“Dive into the world of Kubernetes security and threat modeling as we unveil the latest initiative from the community to refresh the Kubernetes threat model, making the entire process transparent and well-documented. This effort will serve as a valuable template and “how to” guide for all Kubernetes and CNCF projects, enabling them to enhance their threat modeling practices.”

📅 When: November 6, 2023 - 11:45am - 12:15pm CST

🗣️ Speakers: Robert Ficcaglia & Francesco Beltramini

📍 Location: Regency Ballroom A/B:

EnvoyCon

Join us at this year’s co-located EnvoyCon for a riveting session threat modelling focusing on the Envoy Gateway Project!

“Navigate through the nuances of Envoy Gateway, an open source project aimed at managing Envoy Proxy as a Kubernetes-based (or standalone) application gateway. Envoy Gateway is configured by Gateway API resources (successor to Kubernetes Ingress) that are used to provision and configure managed Envoy Proxies. Our session looks to discuss a detailed Envoy Gateway Threat Model curated by ControlPlane at the behest of the Linux Foundation, and to share our findings with the open-source community.”

📅 When: Monday 6th November - 2:40pm - 3:05pm CST

🗣️ Speakers: Torin van den Bulk & James Callaghan

📍 Location: W175abc

ArgoCon

Tune in Monday, November 6th for an engaging presentation exploring the ArgoCD End-User Threat Model at this years co-located ArgoCon.

📅 When: Monday 6th November 3:15 pm - 3:40 pm CST

🗣️ Speakers:Francesco Beltramini & James Callaghan

📍 Location: W185abc

⛵Explore the intersection of declarative GitOps and security as we showcase an in-depth threat model of ArgoCD, deployed in multi-tenant mode to simulate end-user implementation. Listeners will be guided through high priority findings and attack trees that showcase potential exploits in unhardened GitOps deployments that may elude the untrained eye

Tuesday 7th November

SECURITY HUB: An Introduction to Cloud Native Capture the Flag 🛡️

Dive into the world of Kubernetes and offensive security by participating in our thrilling Capture The Flag (CTF) challenge!

“The Cloud Native Capture The Flag (CTF) is available to all in-person KubeCon + CloudNativeCon North America attendees. In preparation for getting started with the activity, you are invited to attend an introductory session.

This session aims to introduce how to participate in CTF competition to those who are new to them. We will share our tips and tricks for completing these challenges and work through a practice scenario together.”

What to Expect:

• 🤯 Mind-bending security puzzles, that put your hacking skills to the test
• 🕵️ Let loose your inner hacker within a safe, controlled Kubernetes (k8s) cluster environment
• 🌐 Learn and network with fellow hacking enthusiasts

📅 When: Tuesday 7th November - 11:55am & 15:25pm CST

🗣️ Hosts: Andrew Martin & Kevin Ward

📍 Location: Room W470ab

Wednesday 8th November

SECURITY HUB: Capture the Flag 🛡️

Join us for the Ultimate Tech Showdown with our CEO Andrew Martin and Principal Consultant Kevin Ward 🚀

“Delve deeper into the dark and mysterious world of Cloud Native security! Discover weaknesses in systems and exploit them to pivot inside the target infrastructure, utilize your position to hunt for flags, and hopefully learn something new along the way!

Attendees can play three increasingly treacherous and demanding scenarios to bushwhack their way through the dense jungle of Cloud Native security. Everybody is welcome, from beginner to seasoned veterans, as we venture amongst the low-hanging fruits of insecure configuration and scale the lofty peaks of cluster compromise!”

📅 When: Wednesday 8th November - 10:45am CST

🗣️ Hosts: Andrew Martin & Kevin Ward

📍 Location: Room W470ab

Book Signing

Don’t miss your chance to score a signed copy of Hacking Kubernetes by our CEO Andrew Martin and Michael Hausenblas. Head over to the O’Reilly Booth at 2pm sharp to grab your copy and meet the authors.

📍 Where: O’Reilly Booth B13

🕒 When: Wednesday 8th November 14.00 CST

Booth:

We are at booth O26 right by the Cloud Native Corner Store. Drop by, meet our awesome team, discover who we are and explore what we can do for you in the world of cloud native technology. We’re here to share our passion for all things Kubernetes and tell you all about what we do. Plus there are plenty of awesome award winning swag waiting for you. Come say hello!

We are eager to catch up with you, share insights and explore the latest developments in Kubernetes and cloud security. If you’d like to schedule a specific meeting or have any questions, please feel free to reach out to us here.

Safe travels and we look forward to seeing you there! 🚀