Security

Description As Staff Cloud Security Engineer at Ledger, I share how we protect the infrastructure behind one of the world’s leading cryptocurrency security companies. This case study explores our journey from fragmented security visibility to comprehensive cloud protection across our multi-cloud environment. In this talk, I discuss how Ledger leverages Wiz’s Cloud Native Application Protection Platform (CNAPP) to secure both our internal infrastructure and protect our customers’ sensitive data. We’ll cover practical implementations including: ...

Description Securing the software supply chain can feel overwhelming, especially with dynamic frameworks like SLSA (Supply-chain Levels for Software Artifacts). This beginner-friendly session explores practical strategies to secure your software from build to runtime using cloud-native tools and methodologies. In this comprehensive talk, I demonstrate how to implement robust supply chain security practices within the CNCF ecosystem, covering: ...

Title / Titre English: Rethinking Cloud Security, from Code to Real-time Protection French: Sécurité cloud repensée, du code à la protection en temps réel Description Découvrez comment Ledger, leader des portefeuilles sécurisés de crypto-monnaies, a renforcé la sécurité de son infrastructure Cloud avec Wiz. Grâce à une approche unifiée, de la détection en temps réel à la remédiation automatisée, Ledger a pu simplifier la gestion des risques, assurer une visibilité complète et démocratiser la sécurité auprès de ses équipes. ...

Description Navigating the complexities of supply chain security might seem intimidating, especially with evolving frameworks like SLSA (Supply-chain Levels for Software Artifacts). This beginner-friendly session introduces foundational practices required to secure software from build to runtime using CNCF tools. In this talk, I explore practical implementations of supply chain security within the Kubernetes ecosystem, covering: ...