Elevator Pitch
By default, every pod in Kubernetes can talk to every other pod—an attacker’s dream! In this talk, learn how Network Policies enforce zero-trust, isolate workloads, and secure traffic in real-world clusters with Calico, Cilium, and GKE.
Description
This session is for SREs, DevOps engineers, and platform teams who want to strengthen Kubernetes security at the network layer. While cloud providers offer firewalls and service meshes, the last line of defense inside the cluster is Network Policies.
The talk balances concepts and live demos and follows a clear journey: starting from the “default open cluster,” then applying Network Policies step by step to enforce strict communication.
I will use Calico on GKE to illustrate examples, but the learnings apply to any Kubernetes distribution. The session ensures attendees leave with concrete policies they can apply to their workloads.
Notes
I have hands-on experience in Kubernetes security with real-world use cases, GKE networking, and policy enforcement using Calico & Cilium. I’ve previously spoken at more than 15+ Google Cloud community events, CNCF events and Google DevFest events and contributed blogs on DevOps practices. This is an in-person talk; no remote requirements.