Sign up to save your podcasts
Or
Share Scaling Container Security Without Slowing Developers
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Scaling Container Security Without Slowing Developers
Are you struggling to implement robust container security at scale without creating friction with your development teams? In this episode, host Ashish Rajan sits down with Cailyn Edwards, Co-Chair of Kubernetes SIG Security and Senior Security Engineer, for a masterclass in practical container security. This episode was recorded LIVE at KubeCon EU, London 2025.
In this episode, you'll learn about:
- Automating Security Effectively: Moving beyond basic vulnerability scanning to implement comprehensive automation
- Bridging the Security-Developer Gap: Strategies for educating developers, building trust, fostering collaboration, and understanding developer use cases instead of just imposing rules.
- The "Shift Down" Philosophy: Why simply "Shifting Left" isn't enough, and how security teams can proactively provide secure foundations, essentially "Shifting Down."
- Leveraging Open Source Tools: Practical discussion around tools like Trivy, Kubeaudit, Dependabot, RenovateBot, TruffleHog, Kube-bench, OPA, and more.
- The Power of Immutable Infrastructure: Exploring the benefits of using minimal, immutable images to drastically reduce patching efforts and enhance security posture.
- Understanding Real Risks: Discussing the dangers lurking in default configurations and easily exposed APIs/ports in container environments.
- Getting Leadership Buy-In: The importance of aligning security initiatives with business goals and securing support from leadership.
Guest Socials: Cailyn's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
-Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Intro: Container Security at Scale
(01:56) Meet Cailyn Edwards: Kubernetes SIG Security Co-Chair
(03:34) Why Container Security Matters: Risks & Exposures Explained
(06:21) Automating Container Security: From Scans to Admission Controls
(12:19) Essential Container Security Tools (Trivy, OPA, Chainguard & More)
(19:35) Overcoming DevSecOps Challenges: Working with Developers
(21:31) Proactive Security: Shifting Down, Not Just Left
(25:24) Fun Questions with Cailyn
Resources spoken about during the interview:
Cailyn's talk at KubeCon EU 2025
View all episodes
By Cloud Security Podcast Team
5
5656 ratings
Are you struggling to implement robust container security at scale without creating friction with your development teams? In this episode, host Ashish Rajan sits down with Cailyn Edwards, Co-Chair of Kubernetes SIG Security and Senior Security Engineer, for a masterclass in practical container security. This episode was recorded LIVE at KubeCon EU, London 2025.
In this episode, you'll learn about:
- Automating Security Effectively: Moving beyond basic vulnerability scanning to implement comprehensive automation
- Bridging the Security-Developer Gap: Strategies for educating developers, building trust, fostering collaboration, and understanding developer use cases instead of just imposing rules.
- The "Shift Down" Philosophy: Why simply "Shifting Left" isn't enough, and how security teams can proactively provide secure foundations, essentially "Shifting Down."
- Leveraging Open Source Tools: Practical discussion around tools like Trivy, Kubeaudit, Dependabot, RenovateBot, TruffleHog, Kube-bench, OPA, and more.
- The Power of Immutable Infrastructure: Exploring the benefits of using minimal, immutable images to drastically reduce patching efforts and enhance security posture.
- Understanding Real Risks: Discussing the dangers lurking in default configurations and easily exposed APIs/ports in container environments.
- Getting Leadership Buy-In: The importance of aligning security initiatives with business goals and securing support from leadership.
Guest Socials: Cailyn's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
-Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Intro: Container Security at Scale
(01:56) Meet Cailyn Edwards: Kubernetes SIG Security Co-Chair
(03:34) Why Container Security Matters: Risks & Exposures Explained
(06:21) Automating Container Security: From Scans to Admission Controls
(12:19) Essential Container Security Tools (Trivy, OPA, Chainguard & More)
(19:35) Overcoming DevSecOps Challenges: Working with Developers
(21:31) Proactive Security: Shifting Down, Not Just Left
(25:24) Fun Questions with Cailyn
Resources spoken about during the interview:
Cailyn's talk at KubeCon EU 2025
More shows like Cloud Security Podcast
View all
Risky Business
365 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
626 Listeners
The Cloudcast
152 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
CyberWire Daily
1,009 Listeners
AWS Podcast
202 Listeners
Darknet Diaries
7,879 Listeners
Cybersecurity Today
166 Listeners
Kubernetes Podcast from Google
181 Listeners
CISO Series Podcast
189 Listeners
Practical AI
192 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
127 Listeners
Cloud Security Podcast by Google
38 Listeners
Risky Bulletin
43 Listeners