Cloud

Keyless Entry: Securely Access GCP Services from Kubernetes

1 min read

This is a talk I gave with Aaron Small and Mike Danese about foregoing long lived credentials (PKI) for short lived access tokens on GKE. You can read about it over on the Google Cloud Blog, too! No more exporting Google service account …

Securing the Software Supply Chain

1 min read

This is a talk Jianing Guo and I gave at Google Cloud Next 2018 about securing software supply chains with Binary Authorization. I showed off the tool my team developed called Voucher which we later donated to the Grafeas organization. I …

Securing Shopify's PaaS on GKE

1 min read

This is a talk I gave at SecTor, as well as at KubeCon the following month! Shopify has leveraged Kubernetes through Google Container Engine (GKE) to build its new cloud platform. This PaaS is currently serving the majority of the …

Infrastructure Security 2.0

1 min read

Shopify has leveraged Kubernetes through Google Container Engine (GKE) to build its new cloud platform. This PaaS is currently serving the majority of the company’s internal tools as well as business-critical production workloads. …