Loading…
In-person + Virtual
November 6-9
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central Standard Time (UTC -6). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Tuesday, November 7 • 2:30pm - 3:05pm
Policy-Based Kubernetes Governance, Risk, and Compliance - Jim Bugwadia, Nirmata; Andy Suderman, Fairwinds; Poonam Lamba, Google; Anca Sailer, IBM; Robert Ficcaglia, SunStone Secure

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.


Kubernetes policies are a form of configuration management used to manage other configurations and runtime behaviors. Policies can help simplify security, and also serve as the building blocks for higher level business functions such as Governance, Risk, and Compliance (GRC). In this panel session, members of the CNCF Policy Working Group will first discuss why Kubernetes requires policy management. Then they will present how policy management works at each phase of the cloud native lifecycle. Finally, they will discuss a policy-as-code based approach for addressing critical business functions of Governance, Risk, and Compliance. Such an approach can transform costly and tedious manual processes into automated and continuous processes with collaboration among various personas. This results in organizational efficiencies and cost-savings. You will also learn about the Policy WG charter, activities, and how you can contribute to making Kubernetes secure and compliant.
Speakers
avatar for Jim Bugwadia

Jim Bugwadia

Founder and CEO, Nirmata
Jim Bugwadia is a co-founder and the CEO of Nirmata, the Kubernetes policy and governance company. Jim is an active contributor in the cloud native community and currently serves as co-chair of the Kubernetes Policy and Multi-Tenancy Working Groups. Jim is also a co-creator and maintainer... Read More →
avatar for Anca Sailer

Anca Sailer

Distinguished Engineer, IBM / RedHat
Dr. Anca Sailer is an IBM Distinguished Engineer at the T. J. Watson Research Center where she transforms the clients compliance processes into an engineering practice. Dr. Sailer received her Ph.D. in CS from Sorbonne Universités, France and applied her Ph.D. work to Bell Labs before... Read More →
avatar for Robert Ficcaglia

Robert Ficcaglia

CTO, SunStone Secure, LLC
Robert is the co-chair of the Policy Workgroup and contributor to SIG-Security. He helped lead the 2023 Kubernetes Audit effort and is leading the update of the K8s threat model.
avatar for Poonam Lamba

Poonam Lamba

Product Manager, Google
Poonam is a Product Manager at Google, where she leads Policy, Governance, and Compliance for GKE. An active contributor to the Kubernetes Policy Working Group and Gatekeeper project, she is passionate about open-source solutions. Outside of work, Poonam enjoys hiking, paddle boarding... Read More →
avatar for Andy Suderman

Andy Suderman

CTO, Fairwinds
Andy Suderman is CTO at Fairwinds, a provider of software for platform teams running Kubernetes to standardize and enable development best practices. Andy has worked with cloud native technologies for the last seven years helping organizations adopt and manage Kubernetes. Andy is... Read More →

Policy WG Policy Based Kubernetes Governance, Risk, and Compliance KubeCon NA 2023.pptx pdf
Tuesday November 7, 2023 2:30pm - 3:05pm CST
W194 (Ground Level)
  Maintainer Track, Policy