Home Speaking about AKS Security at The Hack Summit 2025
Post
Cancel

Speaking about AKS Security at The Hack Summit 2025

Posted Sep 20, 2025 by By Wolfgang Ofner 5 min read

I am excited to announce that I will be sharing my expertise on cloud security at The Hack Summit 2025! While the conference is running, my session, “AKS Security Simplified for Developers,” will be available on-demand (VOD) for you to watch at your convenience.

This session is designed specifically for developers and teams who need to secure their Kubernetes environments without getting bogged down in complex infrastructure management.

Why You Should Watch

If you have ever worried that securing your AKS environment is too complicated, this session is for you. We cut through the noise to focus on the essential Azure-native tools that simplify complex security challenges like:

  • Eliminating Secrets: Using Entra Workload ID to secure application-to-resource communication.
  • Controlling Network Traffic: Securing your image supply chain with private ACR connections.
  • Managing Access: Configuring secure access for both developers and CI/CD pipelines to private clusters.
  • Enforcing Governance: Leveraging Azure Policy to automatically maintain security standards.

I look forward to you watching the session! Be sure to check out the rest of the fantastic content available at The Hack Summit 2025.

Join me online on Monday, Octobner 13, 2025.

You can register for the event and get more details on the conference website.

Looking forward to seeing you there!

Slides of the Talk

You can find the slides of the talk on GitHub.

Watch on Youtube

You can find the recording of the talk on Youtube.

The abstract for my session is as follows:

AKS Security Simplified for Developers

Kubernetes is widely adopted for managing containerized applications, therefore, ensuring its security is crucial. This talk will demonstrate that securing your Azure Kubernetes Service (AKS) clusters, while it may seem challenging, is quite manageable with the right practices.

This session explores setting up private connections to Azure Container Registry, enabling secure image storage and retrieval. It also covers integrating Azure Policy to enforce security standards across your clusters, and how Entra Workload ID provides secure access to resources without the need for managing secrets.

Private clusters enhance the security by restricting access to the cluster’s API server endpoint. Various authentication options, such as using Entra ID, ensure that only authorized users can access your resources. However, accessing private clusters from CI/CD pipelines presents unique challenges. This talk addresses these by explaining how to configure service connections and use managed identities effectively.

Attend this session for a comprehensive overview of these security features, complete with practical demos and expert tips. Whether you are new to AKS or looking to enhance your existing security measures, this session will provide valuable insights to help you secure your Kubernetes environment effectively.

Speaking
Azure Kubernetes Service AKS Speaking Public Speaking Conference Kubernetes Azure Security
This post is licensed under CC BY 4.0 by the author.
Contents

Video - The Hidden Azure Security Risk You Can't Afford to Ignore

Quick Guide to Managed Namespaces in AKS

Comments powered by Disqus.