KubeCon + CloudNativeCon NA 2025 | Roman Zhukov & Anjali Telang, Red Hat

Clips
More from KubeCon + CloudNativeCon NA 2025

Roman Zhukov

Principal Security Community Architect, Open Source Program Office

Red Hat

Anjali Telang

Senior Principal Product Manager, OpenShift Security and Identity

Red Hat

play_circle_outline Trust and zero-trust security principles essential for AI and partnerships.

play_circle_outline Navigating AI Onboarding Challenges: Educating Developers for Curiosity-Driven Experimentation with Kubernetes and Emerging Technologies

play_circle_outline Ensuring Digital Sovereignty: Addressing Hybrid Cloud Infrastructure and AI with Confidential Computing Solutions for Secure Data Processing.

play_circle_outline Future hopes for standardized protocols and trust frameworks in AI by 2026.

Info
Transcript

Roman Zhukov & Anjali Telang, Red Hat

Roman Zhukov

Principal Security Community Architect, Open Source Program Office Red Hat

Anjali Telang

Senior Principal Product Manager, OpenShift Security and Identity Red Hat

In this KubeCon + CloudNativeCon North America segment from Atlanta, theCUBE’s Savannah Peterson sits down with Red Hat’s Anjali Telang and Roman Zhukov to unpack what zero trust really means in the AI era. They explain how organizations can reuse existing Kubernetes security investments and zero-trust principles for agentic AI workloads, and why confidential computing and digital sovereignty matter as hybrid cloud and AI infrastructures span regions and jurisdictions.

They also explore how open source communities and new regulations such as the EU’s C... Read more

explore Keep Exploring

What does "zero trust" mean in the context of identity verification and artificial intelligence? add

What are the considerations and approaches for integrating AI with existing technologies like Kubernetes? add

What are the concerns associated with hybrid cloud infrastructure and how does confidential computing address those concerns, particularly in relation to data privacy and AI? add

What is your perspective on the need for standards in AI development to enhance security and collaboration among open source communities? add

bolt Powered by CUBE AI

Roman Zhukov & Anjali Telang, Red Hat

search

Savannah Peterson

>> Good afternoon, cloud native community, and welcome back to Atlanta, Georgia here. We're steaming through day one of our three days of live coverage at KubeCon on theCube. My name's Savannah Peterson, bringing you all the most brilliant guests from the show floor with Rob Stretchay. Rob, were you expecting it to be this cold this week?

>> I wasn't. It's coldlanta. It's like legit is coldlanta this week.

Savannah Peterson

>> It's actually freezing.

>> It was below freezing. 29 degrees this morning when I came over. I was like, this is crazy.

Savannah Peterson

>> You're used to this in the Northeast.

>> I am.

Savannah Peterson

>> I am a Californian, Rob, and this is atrocious. But thankfully here to warm us up with a very exciting conversation is an Anjali and Roman. Thank you so much for being here.

Anjali Telang

>> Thank you so much for having us. Yeah.

Savannah Peterson

>> This is going to be a great one. I want to start by talking about trust. We are in a very unique era when it comes to AI tooling everything. Trust is at the core of everything that we're doing in terms of selecting partnerships. Anjali, I want to open it up to you. What does zero trust mean in the AI era?

Anjali Telang

>> It's a great question. Zero trust in general means that you trust no one, first, you always verify, and then you base that verification on an identity, and then you trust the person. As you would trust anyone, users like humans, you would also trust machines the same way. And with AI, we want to sort of bring in the same trust that we already have built into the system. We want to make sure that the users, the machine, all the trust that we have brought in with the best practices around that, that translates to AI workloads also, AI agents also. Of course, there are nuances with AI agents, but then we want to extend that same trust fabric, the same tenets of trust, always verify and then trust. Yeah.

Savannah Peterson

>> And you guys were at SecurityCon yesterday. You've been out with the people, understanding. What are some of the major challenges that people are seeing with Kubernetes and with agentic AI in particular as they're going through? What are you hearing?

Anjali Telang

>> So some of the things that we are hearing from people is we have onboarded our applications on Kubernetes. Now, is AI a whole new thing that we want to now tackle? Well, and this is what I talked about in my keynote as well, we already have put in so much work in getting these technologies right. We don't have to rebuild everything. There's a lot of reuse that we can do. We can use the same principles, zero-trust principles, and then extend them to AI. So I'll say this: with AI, there's a lot of fear involved, and that's what I got as a response. But my response to that is just be curious. Try it out in a safe environment and then extend it.

Savannah Peterson

>> Yeah. What are you hearing, Roman?

Roman Zhukov

>> Yeah, that's all great questions. I think the major challenges that we face with AI right now is the enormous speed with which we make these innovations happen. And as you mentioned, we can stop the progress. We're not going back. Kubernetes is here and cloud-native environments are here. We just need to make it all right. We just need to educate developers to cook AI right and-

Savannah Peterson

>> Love that.

Roman Zhukov

>> Yeah. Yeah. And this is major change as well. Besides that, we hear a lot of concerns as this hybrid cloud infrastructure rolled out across the companies, across different geos. We hear this so-called digital sovereignty concerns. Everybody wants to make sure that the technology that they build and use, they can control them, and this notion expands to AI as well. That's why technologies like confidential computing, for example, comes to play. Confidential computing is all about securing data in use when you can protect your workloads while in use so nobody, including the cloud providers or administrators, they can't access your data because it's encrypted. And that becomes critically important in the age of AI because now we share all this data across the globe between the companies, and also we share models. And of course, we're going to make sure that nobody have access to this confidential information.

>> And you guys are even going further, because we were talking a little bit earlier about post-quantum and things of that nature-

Savannah Peterson

>> Oh, yeah. Very exciting.

>> Yeah, but AI really breaks some boundaries, right? Because there's a lot of data in these models, there's a lot of data people want to put in these models. How do you see trusted AI really evolving? And start with you.

Roman Zhukov

>> Yeah. You mentioned data, and that's a really great point because when we look at how AI systems work, again, it's really fast. Developers just consume these models straight away from Hugging Face with their one command, and nobody really knows what's inside. There is a possibility to include their malicious codes there, and there are tons of example. I think the recent example was just one month ago or a few months ago that's the legitimately looking, but in fact, malicious cloud code included some malware that's consumed straight away by developers in the cloud, and then they steal the credentials, the anthropic credentials of the developer's machine and exposes some of the critical data out of the infrastructure. So that's the problem. Now, how to approach this problem? The data is very important because we often don't know how these models were trained and how this data was collected, and again, this is a possibility to include something malicious to poison this data. That's why data provenance concept comes to picture. That means making sure that we understand how data was collected, upon which the models are trained, and we can actually put... So I put it there, like an attrition table, what's the purpose of this data, what's the geo, what's the licensing, et cetera, et cetera, so that it could be then signed and verified down the chain as developers consume this data, as we roll out these AI systems, and as users interact with these systems.

Savannah Peterson

>> So you're making sure that it's safe and easy to use all the way through the line-

Roman Zhukov

>> Exactly, yeah....

Savannah Peterson

>> which is really important, because that's a wildly huge risk. You think about everybody vibe coding, we're doing things right now, and you don't know what you just put into all of your data or on your machine or in your cloud. It's actually kind of spooky to think about. Let's talk a little bit about... Well, so this is kind of fun. We were talking, Rob and I, just a second ago, open source is really having a moment. I feel like the whole industry, and even I feel like my mom knows what open source is right now. Hi, Mom, by the way. But we're kind of having a moment. And I think it's really interesting because we've all been fans of building in public and transparency and the education of the community within that. How is that going to help influence the overall industry as we move into the era of regulation, with some of the AI regulation acts going on in Europe and around the world? Anjali, I'll start with you.

Anjali Telang

>> So you mentioned regulations for AI and how this is impacting. From my perspective, I work a lot with open-source projects, and what we are seeing is... You mentioned data as well. How do we make sure that the data remains in the regions that you're looking for? And then you build policies around it, and then you build frameworks around it, and then how does the infrastructure react to that, right? Building the build, deploy, run, and making sure that you have the right governance model throughout that process is how we would approach it, and I'm seeing more and more community people coming together to build that.

Savannah Peterson

>> Oh, that's refreshing. Well, I'm not surprised.

Anjali Telang

>> Yeah.

Roman Zhukov

>> And what are you seeing?

Roman Zhukov

>> Yeah. I think you pointed out this is an open-source moment, and not even our relatives and grandparents know about open source, but also policymakers are on the world. They noticed that open source is such a thing and they finally understood-

Savannah Peterson

>> That's a great point....

Roman Zhukov

>> they finally understood that open source is not something that is pure for hobbyists. Linux runs the world. That was the huge eye-opener for some of the regulators. That's why open-source industry right now is facing some of the tensions, because with the introduction, things like the European Union Cyber Resilience Act, which at first glance applies to manufacturers, to vendors of the software and hardware, but then it also introduced the notion of so-called open-source software steward that means to be in between vendors and users. By stewards, we can understand the foundations like Linux Foundation, for example, or some major companies like Red Hat, who supports this open-source project. And now, with these mandatory requirements for manufacturers and for stewards, it becomes clear that open source and security of open source, and in particular supply chain, is such a big deal, and now it's no longer an option or a good standard that you need to follow. Now it's mandatory. Now is a great moment for all of us in the ecosystem actually to stand together and work together and solve this problem. And we at Red Hat see positive things in the regulations like Union Cyber Resilience Act because finally this is a major push to get us all by the one table and speak to each other and help open-source projects to eventually improve the security posture.

Savannah Peterson

>> Yeah, I was going to say, and you kind of hit on this a little bit, and I want to kind of tie the parallels back to AI, to me... Three years ago in Amsterdam, we were talking about SBOMs all the time.

Savannah Peterson

>> We really were. I'm glad you just brought that back. Wow.

>> It was legit-

Savannah Peterson

>> That was the theme....

>> the theme.

Savannah Peterson

>> That was totally the theme.

Roman Zhukov

>> I felt like it was also very sunny there.

Savannah Peterson

>> Yes.

>> And not cold. But anyway, unlike Atlanta. But so when we pull back to SBOMs, we've learned a lot about SBOMs. SBOMs are always a great idea. I've had to do it with software projects that I've done. What lessons have we learned there, and how do they apply to AI? We'll kick it off with you.

Roman Zhukov

>> Yeah, sure. You're right that BOMs are really important, and again, now is the right moment when pretty much everybody understands that we need to produce SBOMs, we need to do something with that, and it's also a part of the standards and regulations. Now everybody must do SBOMs. In the age of AI, I think that, again, contributes to the notion of trust. As much information we have about the system itself and all of the dependencies that are in software, as better we can be prepared to the potential attacks or kind of malicious behaviors over all vulnerabilities that can be in our systems. Now I think the notion of SBOMs is expanded to AI BOMs when you can collect all of this information about AI system and the model and some of the other dependencies in the standardized, machine-readable formats so that all the developers, again, can then verify that everything is legitimate there.

Anjali Telang

>> And what we've seen is also the AI BOMs system itself is expanding. It started off with models. Now there are MCP servers, there are MCP clients, agents. So this is a very evolving space, and standards are also sort of conforming, and we are excited to have open-source community contribute in this.

Savannah Peterson

>> Yeah, I look at it and go, it's just such an evolving landscape that really when you look at it, some of the lessons that we've learned along the way, like building security in, designing security in from the beginning, has to be there-

Savannah Peterson

>> Secure by design, baby. Yeah.

>> Yeah. Where do you see this going as we go into... Because AI complicates things. Like you said, even MCP, and like six months ago, everybody's like, "You get an MCP server, you get an MCP server," and it wasn't secure, and it wasn't a secure protocol at the time. Now things are being done around that.

Savannah Peterson

>> That's a great point, Rob.

>> How do you see this secure-by-design going forward?

Anjali Telang

>> In fact, we did a tutorial just before this on how to build in trust into this framework, how to build a trust fabric. And really, as you said, everyone is using MCP. So getting trust right from the start is very important. Using your tools like OAuth, Keycloak, OIDC, and SPIFFE/SPIRE, by the way, for workload identity, we need to start reusing those concepts into this framework and building it with that. We also talked a little bit about MCP Gateway. That will help with authentication, authorization, and controls. The controls are really important to build in from the start. That's what I'd say.

>> Great.

Savannah Peterson

>> They're imperative. I don't think things will get off the ground if you lose that trust, especially in this stage with the amount of risk, velocity, and everything else going on in our AI world, no matter if it's agentic or not. I have one final question for you fabulous individuals. When we have the joy of reconnecting at KubeCon at 2026 in Salt Lake City next winter, what do you hope to be able to say then that you can't yet say today? Roman, I'll start with you on this one since I've put Anjali in the hot seat twice.

Roman Zhukov

>> I think as I look into the future, I would really like to see the more standards come to play about AI so that we don't invent the new protocol each day, because it really affects security eventually. And that's why it's very important that right now we are collectively as an open source communities working within the Linux Foundation, OpenSSF, CNCF, and some other communities like OASIS Open or OWASP to standardize some of these things so that next year, we can say, "Okay, for this particular agentic workflows or protocols, we have those standards," and probably the majority of vendors already implement this secure-by-design standards so that we minimize the attack surface and we'll innovate faster and secure.

Anjali Telang

>> And I really want to see more people use AI. I want to see them use AI. You cannot make progress until you try it. But try it in a safe environment. Try it where you can have these controls and you have control over the system and we know what the output is going to be like, and it should make you want to make sure it doesn't harm anything. So I want, in 2026 when we meet, I would like to see more people use it and take it to production as well.

Savannah Peterson

>> Love that. Well, we want to see both of those things. Anjali and Roman, thank you so much for joining us today.

Anjali Telang

>> Thank you so much for having me.

Roman Zhukov

>> Thanks for having us.

Savannah Peterson

>> Yeah. And thank you, Rob.

Roman Zhukov

>> That was a lot of fun.

Savannah Peterson

>> Good. Yes! Tell all your friends. We love hearing that. We did not pay him to say that, for the record. We are having as much fun as it appears on camera here in frigid Atlanta, Georgia at KubeCon + CloudNativeCon. My name's Savannah Peterson. You're watching theCUBE, the leading source for enterprise tech news.