Jimmy Shah
Jimmy Shah specializes in analysis of mobile/embedded threats on existing platforms, threat modeling and threat intelligence. He has been involved with mobile threat research for over a decade. Shah brings a wide breadth of experience in security research on a variety of mobile and embedded/IoT platforms. If it's lighter than a car, has a microprocessor, and is likely to be a target it's probably his problem.
Session
Many Kubernetes security strategies rely on detection after the fact: scan the image, ship the pod, then react to alerts. This talk flips that model by focusing on prevention over response. We’ll show how Kyverno blocks dangerous workloads before they deploy, and how KubeArmor enforces runtime behavior to stop malicious actions as they happen. These tools run in real clusters, use simple YAML policies, and don’t require changes to your workloads or underlying infrastructure. We’ll focus on common misconfigurations — like containers running as root — and show how they enable attacks like privilege escalation, tooling installs, and container escape, even in clusters that appear secure.