Modern cloud-native applications rely on third-party dependencies, managed services, and automated secrets, all of which expand the attack surface in ways attackers understand well. This workshop focuses on the areas that most often lead to compromise: secrets handling, dependency and package risk, and poorly defined trust boundaries within cloud architectures. We will examine how these weaknesses are exploited in practice and walk through concrete patterns for reducing risk while keeping developer workflows intact.

You will learn:

• Understand how secrets exposure, dependency risk, and weak trust boundaries lead to real-world cloud-native compromises.
• Practical patterns for managing secrets and reducing dependency and package risk in modern applications.
• Identify ways to tighten trust boundaries in cloud-native architectures without breaking developer workflows.