 Hey, everyone, thank you for being here. I'm Connor Gorman. I'm a senior principal engineer at Red Hat. And for the last five years, I've worked on the Stack Rocks project, which is now open source. It's a Kubernetes security platform. So it's pretty fitting today that I'm going to talk to you about how developers help scale Kubernetes security, maybe. There we go. Awesome. At the end of 2021, in a report for the CNCF, it was said that 5.6 million developers used Kubernetes. That number has probably grown a lot by today. And it also speaks to me about the overwhelming success of Kubernetes, but also the overwhelming success of the ecosystem and the communities that we've built. We've enabled developers to ship more code, build more deployments, build more applications, and ship faster than ever before. But there are security implications to this change. Largely, that the number of developers is greatly larger than the number of security engineers. And so we have small security teams tasked with trying to support this ever-growing number of deployments, excuse me. This is probably best shown through something like Log4Shell. This is a sneak peek into many organizations, including myself and security engineers and developers, rapidly trying to fix Log4Shell. For those of you who may not know, Log4Shell is a critical vulnerability in the Log4J logging library. And it was rated a 10 by Apache, the most critical vulnerability, and would allow an attacker to potentially run malicious code against your infrastructure. What happened, though, and what it made people do is it made people come together. It made both developers and security teams quickly collaborate to figure out which applications were vulnerable, where those applications were deployed, and how quickly you could submit a patch. Log4Shell isn't the first critical vulnerability, and it certainly won't be the last vulnerability. So really, how can we make this collaboration permanent, and how can we prepare our organizations for the next one? The answer really lies in leveraging the developer ecosystem that made this possible in the first place. How do we get developers to deliver software so fast? It's never too early to bake in security, whether you're in an IDE, updating a package, like Log4J, whether you're building an image in CI with a tool like Tecton, or you're continuously deploying with a tool like ArgoCD straight to production. The real goal is to involve developers as early as possible in security and help them solve their own issues. But when we create these gates, we really need to focus on the why. Why does this recommendation or gate help make your application more secure? We want to make developers more proactive. There's sort of this misnomer that developers don't care about security. At this point, I think everyone wants to ship secure code. Sometimes you just need to push in the right direction. By integrating security deeply in the development workflows, we can take a small group of security expertise and scale that to potentially thousands of developers. We can enable developers to resolve issues independently and proactively. And hopefully, we can make vulnerability fixes and configuration changes, not events. I think this is probably the hardest part. Mitigating security issues is like a race. And just like I can't go out and run a marathon without building up to it and working out for it, we can't expect our organizations to magically make this happen. And so it takes a concerted effort by both developers, security, operations to truly make this happen. And we need to build up muscle memory. Don't wait for the next critical vulnerability to simply try to get everything done, to figure it out. But really practice this in your day-to-day workflows, in your day-to-day process. And so finally, I'll leave you with this. This is where we all want to be as an organization, constantly shipping code smoothly, rolling down the tracks in the place where every security-related commit is treated exactly the same as every other commit. Thank you. And I hope you guys have a great rest of your Kupcon.