2025-11-19, Room 6-7 (breakout)
Containers accelerate software delivery, but also introduce unique security risks. This talk covers the fundamentals of container security, from writing secure Dockerfiles to deploying hardened workloads in Kubernetes.
In the end, you can write the perfect, safe Dockerfile and deploy your workloads on Kubernetes securely ;-)
Containers are now central to modern application delivery, but misconfigurations and insecure defaults can quickly expose your whole system or crash your Kubernetes instance instantly.
In this session, we’ll walk through the basics of container security and share actionable best practices: choosing minimal base images, writing secure Dockerfiles, and scanning images for vulnerabilities.
We’ll then look at Kubernetes-specific measures like RBAC, secret management, network policies, choosing the right container runtime and pod-level security. By the end, you’ll have a clear checklist to make your container workloads safer from build to production.
Michael Trip is a Kubernetes consultant at HCS, specializing in cloud-native infrastructure, DevOps, and virtualization technologies like KubeVirt. With a strong focus on simplifying complex systems, he helps organizations build secure, scalable, and declarative platforms.
Michael has shared his insights at events such as TalosCon 2024, CFGMgmtCamp, and various community meetups. Outside of modern infrastructure, he has a soft spot for retro tech — proving that old-school charm and cutting-edge innovation can go hand in hand.
