Automating and Scaling of Threat Modelling for Cloud Native Architecture - Hanna Papirna & Emma Yuan Fang, EPAM Systems

less than 1 minute read

Abstract

Security teams often struggle to threat model cloud-native applications running on Kubernetes in cross-tenant environments. Traditional methods cannot keep pace with microservices, containers, serverless deployments and continuous delivery cycles. This session presents a block-based methodology that divides applications into four clear domains: gateway, service mesh, identity management, and storage. The approach makes threat analysis scalable and integrates seamlessly into development workflows. Attendees will also learn to adopt threat modelling as code with declarative models validated in CI/CD pipelines. A demo illustrates how to use AI tools optimally to reveal security risks in complex microservices applications and highlights how CNCF-graduated project controls address many threats while exposing remaining gaps. Attendees will leave with a repeatable workflow for threat modelling applicable to Kubernetes, serverless, or hybrid cloud-native systems.

Sched URL

Video

Share on

X Facebook LinkedIn Bluesky

About

Conferences

Automating and Scaling of Threat Modelling for Cloud Native Architecture - Hanna Papirna & Emma Yuan Fang, EPAM Systems

Abstract

Video

Share on

You May Also Enjoy

The Shared Service Blueprint: A Guide to Multi-Tenancy, Illustrated With KEDA - Aya Igarashi, Preferred Networks, Inc.

Tailor Made: Dynamic Fine-Grained Authorization for API Traffic - Erica Hughberg, Tetrate & Andres Aguiar, Okta

SPIFFE Meets OAuth: Federated Identity for Cloud Native Workloads - Yoshiyuki Tabata, Hitachi, Ltd.

SB💣💣M: Making SBOMs Play Together - Jacopo Bufalino, CNAM & Agathe Blaise, Thales SIX GTS France