Workshop for Practitioners

Walled Garden, a Practical Guide to 0-trust Kubernetes

Creating a 0-trust cloud native platform cuts across numerous areas within operations including networking, security, dev, and compliance. First we’ll talk about what 0-trust really means, and how you can dissect the use of it when it comes up in your technical conversations. Then, we’ll go through each layer of the 0-trust onion and build a hardened cluster with hands-on examples.

Mode: Initial 30-40 minute lecture to teach/conceptualize the topic followed by hands-on lab/demos. Audience can follow along. Source code and examples will be made shared after the workshop. 

Goal: Participants should walk away with a firm understanding of what a locked down and hardened Kubernetes environment is and the approaches they can take to meet varying security needs.

Tools used/Prerequisites:

  • Access to a sandbox cluster or ability to run a Local k8s distro (one of): Kind, Colima, K3s, Rancher Desktop, Minikube
  • Cilium CLI - link
  • OPA Cli - link
  • Kubectl - link
  • Cosign - link
  • Snyk and Snyk CLI (free tier is fine for )

Target Audience: Architects/Developers in medium-large companies & organizations with complex security requirements ranging from audit/compliance standards, PII standards, healthcare and a wide range of verticals.


Bryan Oliver

Bryan Oliver

Bryan is an experienced engineer and leader who designs and builds complex distributed systems. He has spent his career developing mobile and backend systems, and building autonomous teams. He is now focused on delivery and cloud native, which is what he currently works on at Thoughtworks. 

He also spends some of his time speaking at tech conferences on Cloud Native and GitOps, including being invited by Weave to speak at the most recent GitOpsDays.


Sean Alvarez

Sean Alvarez

Sean is a solution architect and Subject Matter Expert  who has worked for 15+ years across the public and private sector leading teams to help organizations modernize their technology footprint and development practices to drive growth, increase security posture and increase development efficiency.

In the past 8 years or so he has focused on cloud technologies across multiple vendors to design architectures and strategies for multiple cloud migration paths and cloud-native application modernization.