Hi [[ session.user.profile.firstName ]]

Kubernetes Open-Source Security: Falco + NATS + kubeless demo

Join us to learn about container runtime security, and how to secure your container runtime environment with Falco and Kubeless. We'll also demo Falco detecting abnormal behavior in a container, and Kubeless taking action on the compromised container.
Recorded Jun 12 2018 30 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Michael Ducy
Presentation preview: Kubernetes Open-Source Security: Falco + NATS + kubeless demo

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Sysdig Secure 2.0 Overview Oct 11 2018 5:00 pm UTC 60 mins
    Knox Anderson, Sysdig
    Using Docker containers? Deploying Kubernetes? How do you identify, remediate, and mitigate vulnerabilities from deployment to production?

    Join us for an overview of Sysdig Secure 2.0. In this webinar we’ll discuss
    how we bring together image scanning, run-time protection and forensics to help you identify vulnerabilities, block threats, enforce compliance, and audit activity across your microservices.
  • How to manage vulnerabilities in container environments Recorded: Sep 13 2018 23 mins
    Knox Anderson
    Containers have sped up the CI/CD process. It’s now easy to package up an application and deploy it in a matter minutes. This allows teams to move faster, and makes it easier to patch software that may contain vulnerabilities. However, this increase in speed has create a need for new processes and tooling.

    In this webinar we’ll cover:

    -How to scan images for vulnerabilities as part of the CI/CD process
    -Why it’s important to scan images in registries as well as part of the CI/CD pipeline
    -How to prevent vulnerable images from being deployed
    -How to alert if new vulnerabilities are found in images running in production
  • Multi-cloud monitoring with Sysdig Recorded: Sep 13 2018 32 mins
    Eric Carter
    Enterprises are taking advantage of AWS, Google, and Azure along with private data centers as they move toward a multi-cloud strategy. Thanks to container and orchestration technology, deploying and moving applications and services across clouds is easier than ever. But how do you monitor performance, health, and security across diverse, distributed infrastructure? And how do you see what’s happening inside your containers across clusters and regions to ensure you’re meeting your business goals?

    Watch this webinar to learn how Sysdig enables cross-cloud and multi-cloud monitoring, alerting, and troubleshooting with Docker and Kubernetes with full visibility into your microservices. In this session we will discuss and demo:

    -How to monitor containers running on multiple clusters in a multi-cloud environment
    -How to tap into EKS, GKE, and AKS to understand the health of your Kubernetes-based services
    -How to troubleshoot performance problems and failures across complex cloud deployments
  • Best Practices for Implementing Container Security Recorded: Aug 9 2018 57 mins
    Knox Anderson, Sysdig
    Containers have changed the way we build, deploy, run, and investigate what goes on with our applications. It’s critical to validate that you’ve configured your containers securely, they don’t include any vulnerabilities, and enforce they are doing what’s expected in production.

    In this webinar we’ll cover:

    -How to implement image scanning in your CI/CD pipeline
    -How to prevent vulnerable images from being deployed to production
    -Methods for detecting anomalous behavior inside containers
    -What’s required for forensics when the container may no longer be running
    -How to audit and report on compliance at each stage of your SDLC
  • Kubernetes Monitoring: Best Practices Recorded: Aug 8 2018 58 mins
    Eric Carter
    Kubernetes-orchestrated applications running on containers require a new approach to performance monitoring and troubleshooting. Join Sysdig for an overview of what you can expect when monitoring Kubernetes-based microservices and what to consider for optimal effectiveness. During this webinar you'll learn:

    - What are the key metrics and components to monitor in a Kubernetes environment?
    - How do containers complicate monitoring and what you can do to see inside?
    - When should you set alerts, and for what, to keep on top of cluster behavior?
    - What role do custom metrics (e.g., Prometheus) play for observing app behavior?
    - How do you troubleshoot in an auto-scaling, distributed environment?

    This webinar will include a demonstration of open source and commercial tools that can help you solve these new challenges. Attend to get insight that will help you operate Kubernetes deployments in development and production at any scale.
  • Building an Open Source Container Security Stack Recorded: Aug 2 2018 57 mins
    Daniel Nurmi from Anchore with Jorge Salamero Sanz & Michael Ducy from Sysdig
    Container security is top-of-mind for any organization adopting Docker and Kubernetes. In this session Sysdig and Anchore present how you can build a complete open source container security stack for Docker and Kubernetes with Falco and Anchore Engine.

    This session will live demo:

    -Using Falco, NATS and Kubeless to build a Kubernetes response engine and implement real-time attack remediation with security playbooks using FaaS.
    -How Anchore Engine can detect software vulnerabilities in your images, and how it can be integrated with Jenkins, Kubernetes and Falco.
  • Best practices for Forensics and Incident Response in Containers Recorded: Aug 1 2018 23 mins
    Knox Anderson
    Almost 5 years, 48,000+ github stars, and tens of thousand of production deployments later we can safely say containers are a technology that is a here to stay. Theyre developer friendly, easy to operationalize, and allow organizations to provide stable and secure services to their customers.

    While there are clear best practices for what it takes to build and run containers, there isn't as much knowledge around the performing forensic analysis of incidents that occur inside your containers.

    In this webinar we'll cover:

    - How containers change incident response and forensics

    - Best practices around forensic data collection in container environments

    - Compare opensource and commercial forensics options

    - A live demo of multiple forensics investigations using Sysdig Inspect: an opensource container forensics tool
  • Comparing Prometheus custom metrics to APM Recorded: Jul 31 2018 33 mins
    Eric Carter
    Use PROMETHEUS? Take our survey: https://www.surveymonkey.com/r/8SYCDQB

    Developers have numerous options for instrumenting code to monitor and troubleshoot application performance. When should you turn to custom metrics like Prometheus, statsd and JMX? When are tracing and APM the right fit? How do these solutions compare?

    Join us for our online session to learn:
    - The advantages and disadvantages of different approaches for application performance monitoring
    - When you should choose one solution over another and what the best use cases are for each
    - How to consolidate monitoring and accelerate troubleshooting when using multiple options
  • Open source Kubernetes run-time security with Falco Recorded: Jul 24 2018 20 mins
    Michael Ducy
    Effective security requires a layered approach. If one layer is comprised, the additional layers will (hopefully) stop an attacker from going further. Much of container security has focused on the image build process and providing providence for the artifacts in a container image, and restricting kernel level tunables in the container runtime (seccomp, SELinux, capabilities, etc). What if we can detect abnormal behavior in the application and the container runtime environment as well? In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security. We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. Finally we will show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics. Attendees will leave with a better understanding of the container security landscape, what problems runtime security solves, & how Falco can provide runtime security and incident response.
  • Sysdig & SANS Institute: Forensics and Incident Response in Containers Recorded: Jul 20 2018 61 mins
    Knox Anderson, Sysdig and Jake Williams, SANS Analyst
    Almost 5 years, 48,000+ github stars, and tens of thousand of production deployments later we can safely say containers are a technology that is a here to stay. They’re developer friendly, easy to operationalize, and allow organizations to provide stable and secure services to their customers.

    While there are clear best practices for what it takes to build and run containers, there isn't as much knowledge around the performing forensic analysis of incidents that occur inside your containers.

    In this webinar we'll cover:
    - How containers change incident response and forensics
    - Best practices around forensic data collection in container environments
    - Compare opensource and commercial forensics options
    - A live demo of multiple forensics investigations using Sysdig Inspect: an opensource container forensics tool
  • Kubernetes Security Features Recorded: Jul 3 2018 22 mins
    Jorge Salamero Sanz
    Kubernetes security features focus on infrastructure layer: verifying that configuration is safe, follow the security best practices, the last privileges and your deployment has no known issues. How that compares with runtime security?
    - Kubernetes RBAC overview
    - Kubernetes Pod Security Policy
    - Kubernetes Network Policy
    - Securing Kubernetes components and applications
  • Kubernetes Run-Time Security, an Example of Blocking an Application Attack Recorded: Jun 26 2018 18 mins
    Knox Anderson
    Join us for an online demo of blocking an application attack in your Kubernetes cluster.
  • How do enterprises use containers? A discussion of 2018 Docker usage. Recorded: Jun 21 2018 45 mins
    Eric Carter
    What are the top application components running in containers? What is the lifespan of containers, container images, and services? How is orchestrator adoption changing? What keeps container developers and administrators up at night?

    Join us for a discussion of these topics and more in our review of the 2018 Docker Usage Report - based on a sample of 90,000 containers in real-world deployments.
  • Kubernetes Open-Source Security: Falco + NATS + kubeless demo Recorded: Jun 12 2018 30 mins
    Michael Ducy
    Join us to learn about container runtime security, and how to secure your container runtime environment with Falco and Kubeless. We'll also demo Falco detecting abnormal behavior in a container, and Kubeless taking action on the compromised container.
  • Sysdig + Grafana: Dashboards or metric exploration, which one should you use? Recorded: Jun 5 2018 31 mins
    Eric Carter, Davide Schiera
    Visualization of container metrics and time series data with dashboards and graphs using tools like Grafana and Sysdig can give valuable insight into what’s happening in your microservices environment.

    Join us for a discussion of what each of these solutions provides to help simplify monitoring and troubleshooting across a wide scope of technologies including Prometheus, Docker, and Kubernetes.
  • 15 Failure Points in Kubernetes and How to Monitor Them Recorded: May 22 2018 23 mins
    Jorge Salamero Sanz
    There is a lot of discussion nowadays on how to use containers in production - are you there already?

    When operating a production platform we should prepare for failure and in addition to monitoring working metrics, we cannot forget about the most common failure points. From an agnostic monitoring solution perspective, and following a use-case driven approach, we will learn the most common failure points in a Kubernetes infrastructure and how to detect them (metrics, events, checks, etc).
  • Frictionless Application Development:Radically Change How You Secure and Monitor Recorded: May 10 2018 61 mins
    Knox Anderson and Eric Carter
    To address the challenges containers present, Red Hat's OpenShift Container Platform provides a fully managed container platform. In addition, the Sysdig Container Intelligence Platform, brings a container-native monitoring and security solution that gives you full visibility and control of your OpenShift environment. Sysdig provides workflows to proactively scale, and manage your application performance across your private and public cloud infrastructure.
  • Container Forensics & Troubleshooting with Sysdig Inspect Recorded: Apr 27 2018 40 mins
    Jorge Salamero Sanz, Technical Marketing Manager, Sysdig
    Join us for a 1 hour use-case driven training session on container forensics, postmortem analysis and error troubleshooting with the Sysdig open source tool, Sysdig Inspect.

    In this session, we'll demo:

    -How to troubleshoot a 502 Bad Gateway error on HAproxy

    - A postmortem analysis to understand how a hacker broke into your containerized app

    - How to do deep forensic analysis and understand how your system was breached and what data was taken
  • Best Practices for Monitoring and Securing Containers and Microservices Recorded: Apr 17 2018 49 mins
    Eric Carter, Director of Product Marketing, Sysdig and Knox Anderson, Product Marketing, Sysdig
    Containers and microservices are designed to provide a reliable and low-cost way for teams to build and ship distributed applications. However, they also add extra layers of abstraction and orchestration to your environment that hinder your ability to do performance monitoring and security enforcement.

    We’ll discuss how to overcome this challenge and specifically discuss:

    - Benefits and drawbacks of different approaches to data collection in containers
    - How using metadata from orchestrators like Kubernetes helps optimize and secure your containers
    - Best practices for alerting and compliance in a distributed ephemeral infrastructure
    - How troubleshooting and forensics has changed in containerized environments
  • Monitoring Containers & Microservices with Sysdig Monitor Recorded: Apr 12 2018 59 mins
    Eric Carter, Director of Product Marketing
    Container-based infrastructure radically changes what’s required for monitoring, troubleshooting and alerting. How do you see what’s happening inside containers? How do you monitor the performance of distributed services orchestrated by tools like Kubernetes? How do you get complete visibility without bloating your container images?

    Watch this webinar for an introduction of Sysdig Monitor, part of the Sysdig Container Intelligence Platform. In this session we will discuss and demo:

    - How to monitor services and apps built on top of containers
    - The benefits of transparent instrumentation for metric collection
    - Using dashboards to quickly see and share performance data
    - How to quickly determine the what and the why of what’s happening in your environment
The Cloud-Native Intelligence Company
Sysdig is the cloud-native intelligence company. We have created the only unified platform to deliver monitoring, troubleshooting, and security in a microservices-friendly architecture. Our open source technologies have attracted a community of over a million developers, administrators and other IT professionals looking for deep visibility into systems and containers. Our container intelligence platform monitors and secures millions of containers across hundreds of enterprises, including Fortune 500 companies and web-scale properties. Learn more at www.sysdig.com

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Kubernetes Open-Source Security: Falco + NATS + kubeless demo
  • Live at: Jun 12 2018 5:00 pm
  • Presented by: Michael Ducy
  • From:
Your email has been sent.
or close