The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon India 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Please note: This schedule is automatically displayed in India Standard Time (UTC+5:30). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis.
Sign up or log in to add sessions to your schedule and sync them to your phone or calendar.
LSMs provide kernel-level security mechanisms that can be used to address the dynamic challenges of cloud native security. KubeArmor, a runtime security engine and CNCF sandbox project uses LSMs to protect cloud workloads at runtime.
As a maintainer of KubeArmor, I will share my understanding working with LSMs to implement a robust runtime security engine to protect cloud workloads through the lens of KubeArmor.
While all LSMs provide crucial security benefits, their effectiveness varies significantly based on use-case, deployment context and operational requirements.
In this session, I'll be evaluating LSMs including SELinux, Apparmor and BPF-LSM across three critical dimensions: Performance impact: The overhead each LSMs introduce. Security capabilities: Each LSM's effectiveness against common attack vectors through live demonstrations. Operational complexity: Highlighting the learning curve, complexities in implementation and maintenance.
