Smart Scale participation at KubeCon + CloudNativeCon Europe in London

Our engineering team’s participation in KubeCon + CloudNativeCon Europe 2025, held this past March in London, was immensely valuable. The event provided critical insights into the evolution of the cloud-native ecosystem, confirming our strategic direction while highlighting key emerging technologies. The dominant themes were the maturation of Platform Engineering, the growing viability of WebAssembly (Wasm) for cloud-native workloads, and a significant focus on Software Supply Chain Security. The findings from this event will directly influence our platform architecture, security posture, and developer experience initiatives.

2. Objectives of Participation

Our primary technical objectives for attending KubeCon were to:

• Deepen our understanding of key CNCF projects integral to our stack (e.g., OpenTelemetry, Istio, Argo CD).
• Identify emerging open-source projects that can address future challenges in security and edge computing.
• Engage with the maintainers and community of critical projects to understand their roadmaps.
• Assess the cloud-native talent pool and promote Smart Scale Engineering as an attractive employer.

3. Key Technical Trends & Takeaways

The conference floor and sessions were buzzing with innovation. The most impactful trends for our business were:

• Platform Engineering is the New Norm: The conversation has decisively shifted from « how to operate Kubernetes » to « how to build an Internal Developer Platform (IDP) on top of it. » The goal is to provide developers with « golden paths » and self-service capabilities that abstract away the underlying complexity of the cluster. Projects like Backstage (for developer portals) and Crossplane (for building cloud-native control planes) were central to this theme, validating our internal efforts to streamline the developer experience.
• WebAssembly (Wasm) is Ready for Prime Time: Wasm is no longer just a browser technology. It is being seriously positioned as a lightweight, secure, and faster alternative to containers for certain server-side use cases. Its key advantages—sandboxed security and near-instant startup times—make it highly compelling for edge computing and multi-tenant platforms. Projects like WasmEdge and Spin demonstrated impressive maturity.
• Software Supply Chain Security is Non-Negotiable: The focus on securing the software supply chain has intensified. The community is coalescing around standards and tools to ensure the integrity of containerized applications from code to production. Generating a Software Bill of Materials (SBOM) is becoming standard practice, and projects like Sigstore for cryptographic signing of artifacts are now considered essential for enterprise-grade security.

4. Actionable Insights & Recommended Next Steps

Based on these takeaways, we recommend the following engineering initiatives:

1. Formalize our Internal Developer Platform (IDP) Strategy:
   • Insight: The industry is standardizing around the IDP model to improve developer productivity and governance.
   • Action: Formally charter the Internal Platform Team. Dedicate engineering resources in Q3 to evaluate Backstage as the foundation for our developer portal, with the goal of creating a unified interface for documentation, CI/CD, and service management.
2. Initiate a WebAssembly (Wasm) Proof of Concept:
   • Insight: Wasm could provide significant performance and security benefits for our edge data processing modules.
   • Action: The R&D team will conduct a time-boxed (2-week sprint) investigation into re-implementing our primary IoT data ingestion service as a Wasm module to benchmark performance and security against the current container-based solution. Findings to be presented to the architecture review board.
3. Mandate Supply Chain Security Practices:
   • Insight: Adopting modern supply chain security practices is critical for meeting enterprise client expectations.
   • Action: Mandate the integration of Sigstore for container image signing and automated SBOM generation into our primary CI/CD pipeline for all production services. The Security Team will lead this initiative, with a target completion date of end-of-year 2025.

5. Conclusion

KubeCon + CloudNativeCon remains the essential event for understanding the future of cloud-native infrastructure. The insights gathered are not just theoretical; they provide a clear roadmap for improving our platform’s security, efficiency, and developer experience.