In-person + Virtual
16 -20 May
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Wednesday, May 18 • 16:30 - 17:05
Securing Kubernetes Applications by Crafting Custom Seccomp Profiles - Sascha Grunert, Red Hat

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Applying seccomp profiles to Kubernetes workloads is one of the most efficient ways in securing containers. The profiles have to be created with care and need to be maintained over the complete lifecycle of the application. This manual effort causes that many applications either stick to the runtime default profile or turn the feature off at all. In this talk, Sascha will demonstrate how to create a custom seccomp profile for a specific containerized application. It will cover the basic techniques of collecting the required syscalls by hand, and also advanced ways of utilizing eBPF and automatic audit log tracing. The session will also discuss the drawbacks of relying on automations. In the end, Sascha will show how to create multi architecture profiles and utilizes in-cluster enhancements like the Security Profiles Operator to create an application specific profile. Join this talk to learn more about seccomp in Kubernetes and how to secure your applications!

Click here to view captioning/translation in the MeetingPlay platform!

Wednesday May 18, 2022 16:30 - 17:05 CEST
Viewable In Platform Feria Valencia