Conference Videos
Watch my talks on Kubernetes security, cloud native technologies, and open source contributions.
Canals and Bridges: Securing K8s Networks
A fresh take on Kubernetes security by comparing it to Amsterdam's canal system. Demonstrates general Kubernetes security controls with emphasis on secure networking, including a demo with inspektor gadget tool.
Sharing Security Secrets: How to Encourage Security Advocates
The cloud can be a big scary place, and with malicious actors around every corner it’s important that security teams have the power they need to keep data safe, and services available. Although it can feel like we are alone in our mission, and sometimes security practices are seen as burdensome - it doesn’t have to be that way! If we can take the time and make the effort to share our security secrets, introduce teams to Alice and Bob and encourage a healthy amount of suspicion; we can create a company-wide culture that cares about security. We can’t be everywhere at once - so having others looking out for security risks in their work is invaluable.
Securing with Love: A Philly Style Approach to Cloud Safety
This dating game style talk will share when to involve security professionals, and how to work together to create a reliable and secure application. Security should be an integral part of the development lifecycle and not an after thought. At the same time security teams need to understand the use cases, and workflows in order to protect applications without increasing toil. In order for both sides to do their best work we need to work together! While we won’t have time to cover everything in 45 minutes, we will focus on practical steps including: collaboration, dataflow diagrams, threat modelling, and classifying/triaging risks. Security doesn’t end at deployment – ongoing security checks and upkeep are vital. Learn actionable tips and best practices for maintaining a strong security posture that requires little upkeep. Join us in embracing the spirit of brotherly love as we explore a collaborative, proactive, and Philadelphia-style approach to cloud security. Attendees will leave armed with practical insights, tools, and hopefully excited to work together across disciplines to create and maintain the best products possible.
Defending the Cloud Capital: Unveiling K8s Security Risks and Remediation
In the cloud native landscape, Kubernetes has found itself at the centre, powering many of the applications we interact with daily. With great power comes great responsibility, and security is crucial. Drawing inspiration from the design, and defence history of Washington D.C., Cailyn will unveil common k8s security risks and explore effective remediation strategies. We will look at the OWASP Kubernetes Top 10, dig into some real world compromises and discuss what k8s SIG-Security is doing to keep the cloud secure. Join us as we navigate the intricate world of Kubernetes security, delving into risk assessment, access controls, network security, container isolation, and more. Attendees will leave this talk with an understanding of Kubernetes security, some new facts about our host city and a little peace of mind knowing about some of the defenses available.
The Hitchhiker's Guide To Joining The Open-Source Community And Contributing To Kubernetes
Far out in the uncharted backwaters of the unfashionable end of the internet lies a small unregarded, yet passionate community of open source projects. Cailyn will walk you through her journey to this community, and share lessons she learned along the way. At the end of this talk you will have a better idea of where to look for projects that need support, and how to select impactful ways to start contributing.
Keynote: Security in the Open - How Industry and Community Benefit When Security Thrives in the OSS Landscape
To continue fostering and growing the cloud-native security community we need more companies to support employees spending time on open source projects. To do this, we need to continue to build a symbiotic relationship between the cloud-native community and industry. The Okta FGA team has seen first hand the value of creating and supporting open source projects since launching OpenFGA and joining the CNCF. Private and open source communities working together have the opportunity to boost product discovery, increase developer growth and velocity, and engage and become integral leaders in the security space by establishing security standards and guidelines across the industry. In this presentation, Jonathan and Cailyn will talk about some of the biggest wins, and why they think all companies should be giving back to the open source community more and how it can mutually benefit the security footprint of the software industry in general.
Scaling Container Security Without Slowing Developers
Are you struggling to implement robust container security at scale without creating friction with your development teams? In this episode, host Ashish Rajan sits down with Cailyn Edwards, Co-Chair of Kubernetes SIG Security and Senior Security Engineer, for a masterclass in practical container security. This episode was recorded LIVE at KubeCon EU, London 2025.
SIG Security: Succession Planting for a Flowering Future
Kubernetes SIG Security takes a community-building approach to improving security for end users, project maintainers, and the Kubernetes project itself. Much like a garden thrives with careful planning, diverse plants, and collaboration, we use the same techniques to ensure our community is well tended and blooming. Join us as we introduce the next generation of SIG Security leadership and talk about succession plan(t)ing to ensure a smooth transition, encourage growth, and maintain the values that cultivate and foster the community we’ve built together. Come learn what we’ve been working on, what we have planned for the future, and how you can get involved. We will go over the many roles required to create a rich community, from the gardeners to the pollinators - it really does take a village! Everyone is welcome: we all have something to teach and something to learn, and we would love to learn from you! Bring questions, share ideas, and let’s plant some seeds. See you there!
Do Your Containers Even Lift – A Hardening Guide for K8s Containers
In a world where containers are centre stage it's important that they look and feel their best. In this talk we will go over the Kubernetes security checklist - identifying quick fixes that will yield huge gains. Together Cailyn and the audience will take a container from flimsy and squishy to rock solid in a Rocky worthy montage of a demo. Become the trainer your containers need, and ensure that your security routines are sustainable and maintainable! From slim images, to access control we will cover techniques and tools that will make your security dreams a reality. Attendees will leave this talk with a list of Cloud Native tools that will take their container security to the next level and help their containers get a PB on their next CIS BENCHmark!