Machine Identity Security Summit 2024: Full Schedule

Consider this year’s agenda your roadmap to the identity-first future

4:00pm EDT

Securing Kubernetes Workload Identities with Compliant PKI and Governance

Wednesday October 2, 2024 4:00pm - 4:30pm EDT

Unmanaged certificates and weak encryption in Kubernetes can lead to shadow IT, rogue developer activity, governance challenges and non-compliant PKI usage. Learn about the different types of workload identity threats in Kubernetes, along with effective strategies for mitigating them with a cloud native certificate management solution. We’ll explore how compliant PKI, using Firefly with SPIFFE and Zero Touch PKI, secures authentication across environments—reducing cyber-attack risks, ensuring data integrity and streamlining operations by eliminating manual certificate management. We’ll share real-world use cases highlighting the benefits of decentralized issuance and workload identity solutions. And you’ll come away with a crypto agile architecture blueprint for scalable identity security to secure sensitive data, maintaining regulatory compliance for modern workloads.

Speakers

Akbar Ghaswala

Service Manager, Navy Federal Credit Union

Akbar Ghaswala is a Service Manager at Navy Federal Credit Union. He leads a team of dedicated, talented and passionate PKI professionalswho automate certificate installations, mitigate certificate related outages and manage certificate inventory.He has worked in IT for 25+ years... Read More →

Sitaram Iyer

VP, Emerging Technologies, Global Architects, Venafi

Sitaram is primarily focused on bringing security teams and developers closer. He works closely with customers worldwide to help drive the adoption of cloud native security strategy leading with cert-manager in Kubernetes and various other CNCF projects to bridge the gap between security... Read More →

Wednesday October 2, 2024 4:00pm - 4:30pm EDT
Great Room

Breakout Session

Topic Workload Identity, Cybersecurity Standards, Cloud Native Security

1:30pm EDT

Building Standards Into Your Workload Identity Framework

Thursday October 3, 2024 1:30pm - 2:00pm EDT

Great Room

Are you ready to enable zero-trust architectures for workload identity? How much do you know about the various new draft standards and the new IETF working group, Workload Identity for Multi-Service Environments (WIMSE)? Join this session to review the advancements and advantages of emerging drafts, including enhanced security for service-to-service authentication and integration with transaction tokens, while pinpointing the existing gaps. We will also discuss the upcoming standards required for implementing zero-trust architectures for workload identities and how the initiatives of the Cloud Native Computing Foundation, IETF and OpenID Foundation are aligning to create a robust trust infrastructure for workload identities.

Speakers

Justin Richer

CTO, UberEther & Co-Chair, WIMSE, UberEther

Justin Richer is the CTO of UberEther, and is a security architect, software engineer, standards editor, and systems designer with over two decades of industry experience. He is the lead author of OAuth2 In Action from Manning Publications (with Antonio Sanso) and contributor to OAuth... Read More →

Joseph Salowey

Principal Security Engineer, Venafi

Joe currently works at Venafi as a Principal Product Security Engineer. He has spent the majority of his career working on security solutions at various companies including Cisco and Salesforce. He is especially focused in the areas of secure communications, authentication and authorization... Read More →

Thursday October 3, 2024 1:30pm - 2:00pm EDT
Great Room

Breakout Session

Topic Workload Identity, Cybersecurity Standards, Cloud Native Security