OPEN TALK: Learn How to Find & Fix Security Issues in Kubernetes Manifests Using Open Policy Agent and Regula

Aidan O'Connor
Fugue, Senior Solutions Engineer

Aidan O’Connor is a Senior Solutions Engineer at Fugue, where he helps cloud engineering and security teams build integrated, scalable cloud security solutions. Aidan spent five years as a consultant for the Department of Defense (Joint Staff and Department of the Navy), including assisting with cloud migration projects. Aidan is a graduate of the Virginia Military Institute and a Ranger-qualified Infantry Officer with the Virginia National Guard.

Teams can now run pre-deployment security checks on their Kubernetes (K8s) manifests using Open Policy Agent (OPA), the open standard for policy as code and a Cloud Native Computing Foundation project.

In this session, Aidan O'Connor (Senior Solutions Engineer at Fugue) will walk through using OPA and Regula (an open source OPA-based tool purpose built for IaC checks) to find and fix security issues (measured against Center for Internet Security Benchmarks) in your K8s manifests pre-deployment.

Attendees will walk away with an understanding of:

-The kinds of security risks that need to be considered with K8s manifests
-Using OPA and Regula to catch security vulnerabilities and learn how to remediate them
-How automated K8s manifest checks can be integrated into DevOps workflows