Skip to main content
EuroPythonCode of ConductLive 📹

Common Python Mistakes with Kubernetes, How They Can Cause Vulnerabilities and How to Solve Them!

Room:
Liffey Hall 2
Start (Dublin time):
Start (your time):
Duration:
30 minutes

Abstract

In this session, we will have a look at common mistakes in Python, that can cause serious code vulnerabilities, specifically for Kubernetes deployments of the code. We will subsequently have a look at what those vulnerabilities actually can result in and how your containerized application can get “hacked” as a result. We will also discuss how developer and security teams struggle to talk in a common language to prevent and mitigate these vulnerabilities. Lastly, we will see how you can prevent and mitigate these vulnerabilities in real-life.

Talk~None of the above

Description

In this session, we will have a look at common mistakes in Python, that can cause serious code vulnerabilities, specifically for Kubernetes deployments of the code. We will subsequently have a look at what those vulnerabilities actually can result in and how your containerized application can get "compromised" as a result. We will also discuss how developer and security teams struggle to talk in a common language to prevent and mitigate these vulnerabilities. Lastly, we will see how you can prevent and mitigate these vulnerabilities in real-life using tools like Falco, TUF, Open Policy Agent and Bandit. We will also see how a CI/CD pipeline should look like, to build, test and deploy something in real-life. During this session you will learn a ton, see cool demos and all of the samples will be available to the attendees afterwards.

My session will benefit the ecosystem by pointing out common mistakes that can be made when writing Python code and deploying this via Kubernetes. This can cause serious breaches when exploited by attackers. The goal of the session is to both educate attendees on these vulnerabilities, as well as on how to fix them. I will be talking about multiple open source projects that can secure code and deployment. I will not cover any commercial products. Falco TUF Open Policy Agent Bandit (not CNCF) GitLab (not CNCF)


The speaker

Flo Pachinger

Flo is a Developer Advocate at Cisco focusing on IoT, machine learning and network programmability. With a software and networking background he has been working since a couple of years on many IoT, ML and network automation projects. He is the most passionate about connecting things and getting information out of data in any way possible. In his current role, he is working on awesome showcases with Cisco and Open-Source technologies and providing learning content to the developer community.



← Back to schedule