Chris Maenner
Chris is Head of Security at Ybor Technologies, where he focuses on securing Kubernetes platforms, AI workloads, and cloud-native infrastructure. He has been working in security engineering since 2006, spanning roles from early-stage startups to enterprise platform teams.
Chris serves as a board member of BSidesPhilly and is a frequent speaker at security conferences, including multiple BSides events, Boardwalk Bytes, and corporate conferences. He's passionate about helping fast-moving teams build secure systems without sacrificing velocity.
Outside of security, Chris builds music applications and spends his free time visiting music venues around the world.
Session
Startups ship fast, often faster than their security practices can keep up. As someone who's built and secured platforms at growth-stage companies, I've watched teams accumulate risk while chasing product-market fit. Then they add AI workloads, and the attack surface explodes.
This talk bridges two worlds: the pragmatic security challenges of scaling startups and the technical reality of securing AI workloads in Kubernetes.
We'll cover common failure modes: identity sprawl, over permissioned service accounts, implicit trust between services and how security practitioners can enable velocity instead of blocking it.
Then we'll dive into service mesh patterns for AI workloads:
- Identity-first security with mTLS and SPIFFE
- East-west traffic controls and fine-grained authorization
- Model access isolation and prompt protection
- Observability for detecting AI service abuse
All examples come from production Kubernetes environments. Attendees will leave with patterns they can implement