At Mercari, we've been building internal development platform top on Kubernetes and Cloud native ecosystem for more than 3 years. The history of building the platform is the history of security hardening. In this session, I'm going to introduce what kind of security hardening we've implemented from basic k8s manifest security policy enforcement to supply chain integrity checking, IaC automation security, and zero-touch-based access automation.
Taichi Nakashima (@deeeet) is an engineering manager for Platform Developer Experience (DX) and SRE team at Mercari. Prior to Mercari, he was a software engineer at Rakuten, working on building and operating the internal Platform-as-a-Service (PaaS). He is a podcaster at e34.fm and co-author of “みんなのGo言語”