Loading…
In-person
November 12-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Mountain Standard Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
Friday November 15, 2024 11:55am - 12:30pm MST
Ensuring the security of Kubernetes is a team sport. When a CVE is reported to the SRC for Kubernetes, a process is kicked off that involves a lot of coordination between SRC, contributors from different SIGs, and SIG Release, ultimately resulting in new Kubernetes Releases. Once released, an automatic CVE feed provides a programmatic way to understand the security of the releases. For other security issues, like dependency vulnerabilities and false positives, it isn’t quite as easy to get a full picture. SIG Security, SIG Release, and SRC are working to make this better and in this session we will share more about how things work today and what we plan to do in the future to improve the security visibility of the releases and artifacts produced by the project!
Speakers
avatar for Jeremy Rickard

Jeremy Rickard

Principal Software Engineer, Microsoft
Jeremy Rickard is a principal software engineer at Microsoft where he works on the Azure Container Upstream team. He is currently a co-chair for SIG Release and serves on both the CNCF and the Kubernetes Code of Conduct Committees. He was also the Kubernetes 1.20 Release Lead.
avatar for Rita Zhang

Rita Zhang

Principal software engineer, Kubernetes SIG Auth co-chair, Security Response Committee, Microsoft
Rita Zhang is a Principal software engineer at Microsoft, based in San Francisco bay area. She leads the Azure Container Upstream team of maintainers and contributors building features for Kubernetes upstream, CNCF projects, and for Azure Kubernetes Service. She is a Kubernetes sig-auth... Read More →
Friday November 15, 2024 11:55am - 12:30pm MST
Salt Palace | Level 3| 355 B
Log in to leave feedback.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link