CloudDevOpsDevSecOpsFeaturedLet's TalkSecuritySREsVideo

Supply Chain Security Was A Hot Topic At KubeCon EU, Valencia: Stephen Giguere, Bridgecrew


In this series of interviews conducted at KubeCon + CloudNativeCon Europe 2022 (unfortunately this one was done remotely due to some flight changes), we sat down with Stephen Giguere, Developer Advocate at Bridgecrew, to talk about his experience at the event. It was clear that KubeCon is ‘back’. The attendees were more focused with actual practitioners at the event – DevOps and SREs were among the crowd. Once again, supply chain security was one of the hottest topics and got more attention than usual, which is what we need today. In this episode, Giguere shared his experience at the event, trends and patterns that he saw and then also talked about how Bridgecrew (a Palo Alto Networks company) actually helps users solve many of these challenges that we talked about at KubeCon.

Key highlights from this video interview are:

  • Giguere discusses some of the keynotes that really caught his attention and why. He explains why it is so beneficial to hear a keynote speech where it is an actual user of the cloud-native ecosystem, since as a practitioner and vendor it can be a reality check.
  • Giguere discusses how the introduction of Docker and Kubernetes meant that the tools and methods used before no longer worked and why people struggled to make the change.
  • Giguere explains how DevSecOps came about and the challenges this transition has presented. He discusses the role security has been playing in the DevOps initiative and some of the key considerations.
  • The move to adopting cloud-native technologies is presenting challenges due to the sheer velocity. Giguere explains how security is being used to accommodate these needs, from making tools that are secure by default to enabling Ops to do things in CI/CD.
  • Giguere discusses the impact security has on the developer experience to enable them to continue to focus on creating applications that add business. He explains how bringing in the idea of DevSecOps can make it easier for developers, by providing them with tools that make sense.
  • Kubernetes presents a number of unique challenges, both cultural and technological. Giguere explains the problems of security in Kubernetes and how a lack of education and best practices can contribute to the situation.
  • Giguere feels that the supply chain is a big focus right now. He explains how everything as code can be used to find weaknesses and fix them earlier in the life cycle.

Connect with Stephen Giguere (LinkedIn)

The summary of the show is written by Emily Nicholls.

Read Transcript


Don't miss out great stories, subscribe to our newsletter.

Build Modern Data Stack In Hours With Meltano 2.0 | Douwe Maan

Previous article

Kubernetes Complexity Is Going To Increase Even More: Itiel Shwartz, Komodor

Next article
Login/Sign up