Open Source Developer Advocate at Aqua Security
A key element of successfully integrating security into the DevOps lifecycle is embedding it right from the start. Helping developers and operators build security controls from day one with easy to use open source tooling can make that a reality. This talk will take a hands-on approach to demonstrate how to install, configure and customize open-source security tools to be used throughout the Development Lifecycle. We will focus on a couple of core tools. Firstly understanding how Trivy, an all in one security scanner, can be used to help secure container images, Dockerfiles, Kubernetes manifests and IaC code such as Terraform. Then the workshop will move on to operationalizing security controls using Kubernetes operators to automate the operation of Trivy and other security tools, providing continuous security assurance of workloads and Kubernetes clusters.
Anaïs is a Developer Advocate at Aqua Security, where she contributes to Aqua’s cloud native Open Source projects. When she is not advocating DevOps best practices, she runs her own YouTube Channel centered around cloud native technologies. Before transitioning to the cloud native ecosystem, Anaïs helped blockchain projects scale and find adoption. As CNCF ambassador, her passion lies in making tools and platforms more accessible to developers and community members.See all speakers ›