Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Project] 2020 NA Cloud Native Security Day VIRTUAL (aka SIG-Security day) at Kubecon #416

Closed
5 tasks done
TheFoxAtWork opened this issue Sep 4, 2020 · 11 comments
Closed
5 tasks done

[Project] 2020 NA Cloud Native Security Day VIRTUAL (aka SIG-Security day) at Kubecon #416

TheFoxAtWork opened this issue Sep 4, 2020 · 11 comments
Assignees
@TheFoxAtWork
Labels
proposal common precursor to project, for discussion & scoping

Comments

@TheFoxAtWork
Copy link
Contributor

TheFoxAtWork commented Sep 4, 2020
edited
Loading

Description: SIG-Security Day at the upcoming NA Kubecon/CloudNativeCon. The goal of the day is to bring together the broader Cloud Native security community in a community oriented space to discuss and share current challenges (and solutions) in Cloud Native security.

Social Media:

#cnsecurityday
CNCF Website Security Day

Discuss:

Practical application of the security tools and features in the Cloud Native ecosystem.
Role of red teams and blue teams in Cloud Native architectures.
Practical security policies and procedures in Cloud Native.
Common attack patterns in Cloud Native.
Latest vulnerabilities in Cloud Native platforms.
Impact: there's a lot of vendor focused events on Monday, which risks losing focus on open source community, this creates single place where people involved in cloud native security community can gather together in vender-neutral place

Program committee

SIG Chair: @pragashj confirmed

Team Leads: (needs confirmed)

CFP Reviewers: (needs confirmed)

slack channel: #sig-security-events

Nov 17th 2020

TO DO

  • Website: generate some content for the Event Website that covers the items in the trello ticket. We'll use the sig-security-events repo as a collection of SIG events moving forward
  • CFP prep
  • CFP Review
  • Security Day event schedule/planning
  • Retrospective: doc

Proposed Format

Virtual conference with hallway track in Slack Channel for proposed topic areas (threaded)
Special Slack Channel for the CTF! #3-cnsecurityday-ctf

Capture the Flag!

  1. An educative CTF to promote Kubernetes security awareness. All levels welcome! Each CTF scenario will be run in parallel with a talk, with friendly people on hand in Slack to help anybody that gets stuck.
  2. Learn how to protect your cluster by pwning another and capturing their flag. From n00b to 1337, we have a number of different scenarios for hands-on learning. Join the Slack channel and our training team will get you up and running throughout the day.
  3. Join the Red team and capture the flags on our misconfigured clusters. This event is here to help you learn by doing, so if this is your first CTF or you're a vulnerability veteran, Control Plane will be there to help you level up with our hosted event. DM CTF on the Slack channel to get started.
  4. Bored of having vulnerabilities on your cluster? If so, then come find ours! We have clusters ready and waiting, setup incorrectly for you ready for you to own and capture the flags. As well as learning by doing we will be giving away prizes throughout the day.
  5. Take control of a misconfigured cluster to learn best Kubernetes security practices. These hosted clusters will be available throughout the day for you to own. Join the Slack channel to get started!

The CNCF has offered to provide financial support for this event and then recover the costs through selling sponsorships. However, the presence or requirement for sponsors shouldn't imped the community focused nature of the event (No badge scanning, No raffels, No gaudy signage, No expectation of a speaking slot, etc).
@TheFoxAtWork TheFoxAtWork added the proposal common precursor to project, for discussion & scoping label Sep 4, 2020
@TheFoxAtWork
Copy link
Contributor Author

@mfdii please let us know if you can continue as lead

@markjacksonfishing
Copy link

I can confirm to be a CFP reviewer

@vinayvenkat
Copy link
Contributor

@TheFoxAtWork I would be happy to be a part of the Program Committee and review CFP's. Thank you.

@raravena80
Copy link
Contributor

Confirmed.

@mhausenblas
Copy link
Contributor

Confirmed and thanks for driving this!

@sublimino
Copy link
Member

sublimino commented Sep 5, 2020 via email

@pragashj
Copy link
Collaborator

pragashj commented Sep 9, 2020

I am in!

@gadinaor
Copy link
Contributor

gadinaor commented Sep 9, 2020

Happy to be part of the CFP reviewers

@lumjjb
Copy link
Contributor

lumjjb commented Sep 9, 2020

Happy to be part of the CFP reviewers as well.

@TheFoxAtWork
Copy link
Contributor Author

Closing call for CFP reviewers.

@chasemp
Copy link
Contributor

chasemp commented Sep 9, 2020

I'm around but it seems like a good group already. I can be an alternate if you come up short on reviewers, or a secondary review if further input on pairing down is useful.

@TheFoxAtWork TheFoxAtWork self-assigned this Dec 4, 2020
@lumjjb lumjjb mentioned this issue Aug 5, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@TheFoxAtWork TheFoxAtWork

Labels
proposal common precursor to project, for discussion & scoping
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@mhausenblas @sublimino @chasemp @lumjjb @vinayvenkat @gadinaor @raravena80 @markjacksonfishing @pragashj @TheFoxAtWork