Sign up to save your podcasts
Or
Share Scaling Container Security Without Slowing Developers
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Scaling Container Security Without Slowing Developers
Are you struggling to implement robust container security at scale without creating friction with your development teams? In this episode, host Ashish Rajan sits down with Cailyn Edwards, Co-Chair of Kubernetes SIG Security and Senior Security Engineer, for a masterclass in practical container security. This episode was recorded LIVE at KubeCon EU, London 2025.
In this episode, you'll learn about:
- Automating Security Effectively: Moving beyond basic vulnerability scanning to implement comprehensive automation
- Bridging the Security-Developer Gap: Strategies for educating developers, building trust, fostering collaboration, and understanding developer use cases instead of just imposing rules.
- The "Shift Down" Philosophy: Why simply "Shifting Left" isn't enough, and how security teams can proactively provide secure foundations, essentially "Shifting Down."
- Leveraging Open Source Tools: Practical discussion around tools like Trivy, Kubeaudit, Dependabot, RenovateBot, TruffleHog, Kube-bench, OPA, and more.
- The Power of Immutable Infrastructure: Exploring the benefits of using minimal, immutable images to drastically reduce patching efforts and enhance security posture.
- Understanding Real Risks: Discussing the dangers lurking in default configurations and easily exposed APIs/ports in container environments.
- Getting Leadership Buy-In: The importance of aligning security initiatives with business goals and securing support from leadership.
Guest Socials: Cailyn's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
-Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Intro: Container Security at Scale
(01:56) Meet Cailyn Edwards: Kubernetes SIG Security Co-Chair
(03:34) Why Container Security Matters: Risks & Exposures Explained
(06:21) Automating Container Security: From Scans to Admission Controls
(12:19) Essential Container Security Tools (Trivy, OPA, Chainguard & More)
(19:35) Overcoming DevSecOps Challenges: Working with Developers
(21:31) Proactive Security: Shifting Down, Not Just Left
(25:24) Fun Questions with Cailyn
Resources spoken about during the interview:
Cailyn's talk at KubeCon EU 2025
View all episodes
By Cloud Security Podcast Team
5
5454 ratings
Are you struggling to implement robust container security at scale without creating friction with your development teams? In this episode, host Ashish Rajan sits down with Cailyn Edwards, Co-Chair of Kubernetes SIG Security and Senior Security Engineer, for a masterclass in practical container security. This episode was recorded LIVE at KubeCon EU, London 2025.
In this episode, you'll learn about:
- Automating Security Effectively: Moving beyond basic vulnerability scanning to implement comprehensive automation
- Bridging the Security-Developer Gap: Strategies for educating developers, building trust, fostering collaboration, and understanding developer use cases instead of just imposing rules.
- The "Shift Down" Philosophy: Why simply "Shifting Left" isn't enough, and how security teams can proactively provide secure foundations, essentially "Shifting Down."
- Leveraging Open Source Tools: Practical discussion around tools like Trivy, Kubeaudit, Dependabot, RenovateBot, TruffleHog, Kube-bench, OPA, and more.
- The Power of Immutable Infrastructure: Exploring the benefits of using minimal, immutable images to drastically reduce patching efforts and enhance security posture.
- Understanding Real Risks: Discussing the dangers lurking in default configurations and easily exposed APIs/ports in container environments.
- Getting Leadership Buy-In: The importance of aligning security initiatives with business goals and securing support from leadership.
Guest Socials: Cailyn's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
-Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast
Questions asked:
(00:00) Intro: Container Security at Scale
(01:56) Meet Cailyn Edwards: Kubernetes SIG Security Co-Chair
(03:34) Why Container Security Matters: Risks & Exposures Explained
(06:21) Automating Container Security: From Scans to Admission Controls
(12:19) Essential Container Security Tools (Trivy, OPA, Chainguard & More)
(19:35) Overcoming DevSecOps Challenges: Working with Developers
(21:31) Proactive Security: Shifting Down, Not Just Left
(25:24) Fun Questions with Cailyn
Resources spoken about during the interview:
Cailyn's talk at KubeCon EU 2025
More shows like Cloud Security Podcast
View all
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
629 Listeners
The Cloudcast
153 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
CyberWire Daily
1,011 Listeners
AWS Podcast
201 Listeners
Smashing Security
313 Listeners
Malicious Life
925 Listeners
Darknet Diaries
7,821 Listeners
Cybersecurity Today
164 Listeners
CISO Series Podcast
188 Listeners
Hacking Humans
310 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
119 Listeners
Risky Bulletin
33 Listeners