Skip to main content
EuroPythonCode of ConductBuy tickets

Common Python Mistakes with Kubernetes, How They Can Cause Vulnerabilities and How to Solve Them!

Room:
Liffey Hall 2
Start:
14:30 on 14 July 2022
Duration:
30 minutes

Abstract

In this session, we will have a look at common mistakes in Python, that can cause serious code vulnerabilities, specifically for Kubernetes deployments of the code. We will subsequently have a look at what those vulnerabilities actually can result in and how your containerized application can get “hacked” as a result. We will also discuss how developer and security teams struggle to talk in a common language to prevent and mitigate these vulnerabilities. Lastly, we will see how you can prevent and mitigate these vulnerabilities in real-life.

Talk~None of the above

Description

In this session, we will have a look at common mistakes in Python, that can cause serious code vulnerabilities, specifically for Kubernetes deployments of the code. We will subsequently have a look at what those vulnerabilities actually can result in and how your containerized application can get "compromised" as a result. We will also discuss how developer and security teams struggle to talk in a common language to prevent and mitigate these vulnerabilities. Lastly, we will see how you can prevent and mitigate these vulnerabilities in real-life using tools like Falco, TUF, Open Policy Agent and Bandit. We will also see how a CI/CD pipeline should look like, to build, test and deploy something in real-life. During this session you will learn a ton, see cool demos and all of the samples will be available to the attendees afterwards.

My session will benefit the ecosystem by pointing out common mistakes that can be made when writing Python code and deploying this via Kubernetes. This can cause serious breaches when exploited by attackers. The goal of the session is to both educate attendees on these vulnerabilities, as well as on how to fix them. I will be talking about multiple open source projects that can secure code and deployment. I will not cover any commercial products. Falco TUF Open Policy Agent Bandit (not CNCF) GitLab (not CNCF)


The speaker

Christopher Van Der Made

After 5 years of being a Consulting Systems Engineer Security for Cisco customers for the Dutch market, Christopher Van Der Made is now Developer Advocate, focusing on Security within Cisco DevNet. Within this role he serves as a technical evangelist and is the "voice of the developer" within Cisco, actively engaging internally and externally to build a community of developers and engineers. From Rotterdam, Netherlands, of Dutch and American nationality. Christopher studied at the University of Amsterdam, majoring in Neuroscience with a Computer Science minor. He achieved his Masters in Information Sciences, and joined Cisco through the Graduate program.



← Back to schedule