Edera Joins CNCF & Linux Foundation and Heads to KubeCon + CloudNativeCon London!

The Edera team is packing our bags and heading to London for KubeCon + CloudNativeCon Europe 2025! But we’re not stopping there—we’ll also be at Cloud Native Rejekts and MonkiGras. We're excited to connect with the community and explore opportunities for collaboration as we work together to drive innovation in the cloud native landscape. 

Keep reading to learn more about our presence at these events and enter to win our VIP “Night with The Chainsmokers” raffle. 

Meet the Edera Team

You’ll find a powerhouse lineup of Edera folks in London, ready to talk security, isolation, and all things cloud-native:

• Emily Long – Co-founder and CEO
• Alex Zenla – Co-founder and CTO
• Kaylin Trychon – CMO
• Jed Salazar – Field CTO
• Sarah Christoff – Staff Software Engineer
• Lewis Denham-Parry – Staff Solutions Engineer
• Marina Moore – Security Researcher

Talks You Don’t Want to Miss

Our team is bringing top-tier security insights to KubeCon:

A Project Maintainers Guide To TAG Security with Marina Moore, Security Researcher

Monday March 31, 2025 11:35 - 12:10 BST
Level 3 | ICC Capital Suite 14-16

Is your project looking to move levels in the CNCF, but you have questions about the security requirements? Have you make every security improvement you can think of, but have a nagging feeling that you missed something? Or do you just want help with your project’s security?

TAG Security can help! TAG Security does security assessments of CNCF projects, both as part of graduation and to help improve your security posture. It also has several publications designed to help apply security concepts to cloud native projects. In this talk we will discuss the resources that TAG Security provides to projects and their maintainers to understand and improve their security. We’ll dive into assessments: project self-assessments, how these relate to joint security assessments, how both of these relate to incubation and graduation. We’ll also talk about how TAG Security relates to the domain technical reviews (DTRs) for projects moving levels. Join us to level up your project’s security posture!

Container Runtimes... on Lockdown: The Hidden Costs of Multi-tenant Workloads with Lewis Denham-Parry, Staff Solutions Engineer

Friday April 4, 2025 11:00 - 11:30 BST
Level 1 | Hall Entrance S10 | Room D

Container runtimes form the bedrock of Kubernetes, but running diverse workloads side-by-side introduces complex security challenges that many teams overlook. This talk peels back the layers of container isolation, starting with the fundamentals of how containers operate as Linux processes and evolving through today's runtime landscape.

We'll dive deep into the hidden costs and security implications of different container runtime choices in multi-tenant environments. Through real-world examples and performance benchmarks, we'll explore the delicate balance between isolation and efficiency. You'll learn about emerging solutions in the container runtime space and practical approaches to securing workloads without sacrificing performance.

Attendees will leave with critical security considerations for choosing container runtimes, strategies for workload isolation, and tools to evaluate isolation versus performance tradeoffs.

TUF-en up Your Software Supply Chain with Marina Moore, Security Researcher

Thursday April 3, 2025 11:45 - 12:15 BST
Platinum Suite | Level 3 | Room 1-2

Has your software distribution gotten overwhelmed with supply chain security metadata? Do you struggle to connect your SBOMs and attestations to images? In this talk we will cover how you can securely distribute your images along with software supply chain metadata for an end-to-end secure software distribution pipeline. We will discuss secure software update and distribution using TUF, and how this ties into other CNCF projects for securing your software supply chain. We will focus on how TUF ensures that images and metadata are current and resilient to tampering, and discuss recent improvements to the project. We will then demo how TUF can be used with in-toto to securely distribute and verify software supply chain metadata and attestations.

Was Leslie Lamport Right? with Sarah Christoff, Staff Software Engineer

Wednesday April 2, 2025 12:00 - 12:30 BST
Level 0 | ICC Capital Hall | Room I

Leslie Lamport, the Father of Distributed Systems, has produced extensive research, many of which date back to the 1970s. These theories are often quoted as "impractical" in modern distributed systems, but how many millions of dollars could we have saved by implementing them if they weren't?

We will learn a little history about distributed systems and the man whose thinking started a movement. We take dense concepts such as concurrency, consistency, and clocks and teach through fun, real-world, practical experiments reminiscent of high school science class. Once class is out, it's time to bring it back to the real world, showcasing how Lamport influenced cloud native systems.

As a takeaway, we will provide blueprints for these experiments, from bare metal to multi-cloud. Empowering you to deliver research-driven change within your organizations and minimizing 3 AM pages while adding content to make resumés shine.

Finally, you will be able to answer: Was Leslie Lamport Right?

What I Wish I Knew About Container Security with Jed Salazar, Field CTO

Monday March 31, 2025 09:30–10:00
The Nash @ Rejeckts

Linux is the technology that underlies all of cloud native. In this talk, we will explore the vulnerabilities that bending Linux to support container technology has uncovered. We also share new and old technologies that have changed the paradigm for container security, like eBPF, and paravirtualization. Finally, we'll showcase how easy it is to adopt these technologies to secure your containerized workloads.

This talk begins with a view of how Linux was never originally designed to support the cloud native environments and workloads that we do with it every day. There have been a decade of examples of the ongoing security challenges and vulnerabilities imposed by adapting Linux to cloud native. We aim to showcase how new and old technology like eBPF and paravirtualization change the paradigm of container security and eliminate the most common vulnerabilities.

Where to Find Us

Beyond the talks, we’re making the most of our time in London:

Kuberoke

Kubernetes, cloud-native, and karaoke? Sign us up. Whether you’re singing your heart out or just enjoying the show, this is the place to be for fun and networking. Register here

Edera’s First Birthday Party

Our baby grew up so fast! To celebrate Ivy's first birthday, we're giving away a VIP experience with The Chainsmokers. Register for this event to get one entry in the raffle, and attend to get five more entries. RSVP here.

Let’s Talk About Edera Protect AI

Edera Protect AI is now in Beta, and we’d love to show you what it can do. If you're interested in securing your AI workloads with cutting-edge isolation technology, book some time with us at KubeCon. Head over to edera.dev/events to schedule a meeting!

Let’s Connect!

If you’re in London for KubeCon, Cloud Native Rejekts, or MonkiGras, we’d love to chat. Whether it’s about container security, multi-tenancy, or just grabbing a drink—come find us!

See you in London!