Security is a key concern for Apache Kafka: authentication, authorization, and over-the-wire encryption help to ensure the confidentiality of your data. This notwithstanding, workloads with very sensitive data might require end-to-end encryption between Kafka client applications. This talk introduces Kryptonite for Kafka, written and open-sourced by the speaker. It's a community project that performs client-side field-level cryptography for payloads produced to and consumed from Kafka topics. A demo scenario built on top of Kafka Connect and Flink SQL illustrates how to encrypt and decrypt sensitive payload fields by means of applying turn-key ready message transformations as well as user-defined functions without the need for any custom code. Join this session to learn how Kryptonite for Kafka makes your streaming data pipelines more secure, safeguarding your most sensitive payload fields against any form of uncontrolled or illegal access on the brokers.