9:00am • Opening Remarks + CTF Overview - Andrew Martin, ControlPlane
9:20am • Keynote: Crossing the Kubernetes Network Policy Chasm - Michael Foster, Red Hat, Community Lead - StackRox
9:30am • Keynote: Why Developer Laptop Security is Key to Securing Your CI/CD Pipeline - Jeremy Colvin, Technical PMM, Uptycs
9:40am • Securing Access to Kubernetes Infrastructure with Kubernetes Zero Trust Principles - Mohan Atreya, Rafay Systems
10:25am • Cloud Native Security for the Rest of Us - Tiffany Jernigan, VMware
11:00am • Day in the Life of a Base Image: The Evolution of Vulnerabilities in the Most Popular Containers - Ayse Kaya, Slim.AI
11:35am • Panel Discussion: Securing the Golden Path: Adding Guardrails for Developers Without Getting in Their Way! - Moderated by Aradhna Chetal, TIAA; Elizabeth Vasquez Alban, Barclays; Kapil Bareja, Saviyant; Jim Bugwadia, Nirmata & Anil Karmel, RegScale
1:25pm • Building Images for the Secure Supply Chain - Adrian Mouat, Chainguard
2:00pm • How’s Your Supply Chain with Your Insecure OSS Ingestion? - James Holland, Citi
2:35pm • Uncovering the History of Your Software Artifacts - Mikhail Swift, TestifySec
3:20pm • Conan.Io – Lessons Learned from Securing 40,000 C++ Packages - Diego Rodriguez-Losada Gonzalez, JFrog
3:55pm • Why Machines Deserve Rights: Rethinking Automated Infrastructure Access with OSS Teleport Machine ID - Kenneth DuMez, Teleport
4:30pm • Verifiable eBPF Traces for Supply Chain Artifacts with Witness and Tetragon - Cole Kennedy, TestifySec
5:00pm • Closing Remarks - Eric Smalling, Cloud Native Security TAG
10:20am • Pwning the CI (with GitHub Action Workflows) - Stephen Giguere, Bridgecrew
10:55am • Policy-Based Governance for End-to-End Integrity Control of Policies - Yuji Watanabe, IBM Research & Jayashree Ramanathan, Red Hat
11:30am • ⚡ Lightning Talk: Assessing Environments Against Cloud Native Security Best Practices - Pratik Lotia, Reddit & Jon Zeolla, Seiso
11:45am • ⚡ Lightning Talk: Securing K8s Pods from Within: A Runtime Approach - Rahul Arvind Jadhav, Accuknox Inc
12:55pm • ⚡ Lightning Talk: OPAL: The Open Source GitOps Enabled Platform for Building Authorization - Asaf Cohen, Permit.io
1:10pm • Beyond Proof of Concept: Keys to a Successful SPIRE Rollout in Production - Eli Nesterov, N/A
1:45pm • Secure CI/CD Using JSON Web Token (JWT) - Dov Hershkovitch, GitLab
2:20pm • Panel Discussion: Say Hi to the New Couple in the Town – DockerSlim and Kyverno – Making Your Kubernetes Workloads More Secure! - Moderated by Mritunjay Sharma, Slim.AI; Shuting Zhao , Nirmata; Ruhika Bulani, D.Y. Patil College of Engineering, Aku
3:05pm • Know Your Dependencies: A Guide to Automating Dependency Assurance - Steve Judd, Jetstack
3:40pm • See It to Believe It: Bringing Observability to Otherwise Opaque Container Builds - Parth Patel, Kusari & Shripad Nadgowda, Intel
4:15pm • Fileless Attack - Detecting the Undetectable - Carolina Valencia, Aqua Security
9:00am • Welcome + Opening Remarks - Pratik Lotia, Cloud Native Security TAG
9:15am • Keynote: Detecting Threats in GitHub with Falco - Loris Degioanni, Chief Technology Officer & Founder, Sysdig
9:25am • Keynote: Vulnerability Data is Not Enough: The Case for an Actionable UI - Kara Yimoyines, Sr. Engineering Manager, VMware Tanzu
9:35am • Introducing the OWASP Top Ten for Kubernetes - Jimmy Mesta, KSOC Labs, Inc.
10:20am • Hands-on Workshop: Batten Down the Hatches! A Cluster Security Journey - Steve Wade, KSOC Labs, Inc.
11:35am • Source Attestations with Gitsign - Billy Lynch, Chainguard
12:55pm • Hands-on Workshop: Network Policies - The Not-So-Hard Way - Raymond de Jong & Tracy Holmes, Isovalent
2:25pm • Hands-on Workshop: Confidential Containers: Bringing Confidential Compute to Kubernetes - Mikko Ylinen, Intel & Tobin Feldman-Fitzthum, T.J. Watson IBM Research Center
3:40pm • The Eye of Falco: You Can Escape but Not Hide - Stefano Chierici & Lorenzo Susini, Sysdig
4:15pm • Getting More Confident with Your Security Helper Libraries Thanks to Go Fuzzing - Jeremy Matos, Grafana Labs
4:50pm • Closing: "And, That's a wrap!" - Marina Moore + Ragashree M C, Event Program Chairs & Andrew Martin + James Cleverley-Prance, CTF