NorthSec 2021

Magno Logan

Magno Logan works as an Information Security Specialist for Trend Micro Cloud and Container Security Research Team. He specializes in Cloud, Container and Application Security Research, Threat Modelling, Red Teaming, DevSecOps, and Kubernetes Security, among other topics. He has been tapped as a resource speaker for numerous security conferences around the globe including Canada, USA, Portugal and Brazil. He is also the founder of JampaSec and a member of the CNCF SIG-Security team.


What is your title?

Information Security Specialist and Senior Threat Researcher

What is your company/affiliation(s)?

Trend Micro

Website (full URL)

https://katanasec.com

Twitter account (full URL)

https://twitter.com/magnologan

LinkedIn profile (full URL)

https://linkedin.com/in/magnologan

GitHub account (full URL)

https://github.com/magnologan


Sessions

05-21
14:00
30min
Cloud security
Philippe Arteau, Renzon Cruz, Magno Logan, Evelyn Lam, Max Habra

Q&A and discussion for the cloud security block, hosted and moderated by Max Habra. Questions will be gathered from the audience during the three prior talks.

Cloud
Main stream
05-21
15:00
120min
Kubernetes Security 101: Best Practices to Secure your Cluster
Magno Logan

This workshop aims to give an overview about how Kubernetes works and provide some best practices to secure your cluster whenever you are deploying a new cluster on your own or via managed services such as GKE, EKS or AKS. We are going to cover everything from the Control Plane or the Master Node, starting with the API server, including etcd, RBAC and network policies. Then, we’ll cover the worker nodes, kubelet, audit logs and pods best practices. We'll talk about the CIS Benchmarks for Kubernetes and the default configurations you need to worry about when deploying a new cluster. We'll show how to use RBAC and assign roles and permissions to your cluster users. We'll demonstrate how to enable audit logs for better visibility and later we'll set up some network policies to avoid communication between pods and prevent any lateral movement from attackers.

Cloud
Workshops2