Threat Modelling: Securing Kubernetes Infrastructure & Deployments - Rowan Baker, ControlPlane

preview_player
Показать описание

Threat Modelling: Securing Kubernetes Infrastructure & Deployments - Rowan Baker, ControlPlane

Security teams are often the last to know about an installation of Kubernetes, and are frequently concerned by its adoption. They have every right to be: poorly architected clusters can easily become exposed to unexpected threats, compromised by hostile workloads, or impossible to maintain. It doesn’t have to be this way! This talk details mechanisms for architecting Kubernetes securely in regulated organisations, and shares lessons learnt threat modelling with the CNCF Financial User Group including: - How to use threat modelling to secure clusters and workloads - Real-world examples of Kubernetes deployments, and multi-tenant security architectures from financial services - Where to apply controls to layer defence in depth - Using compliance standards to satisfy security teams - How to integrate Kubernetes with a global SOC - Gotchas, common threats, and advanced mitigations

  1. CNCF [Cloud Native Computing Foundation]
Рекомендации по теме
Threat Modelling: Securing 0:32:24

Threat Modelling: Securing Kubernetes Infrastructure & Deployments - Rowan Baker, ControlPlane

Threat Modelling Kubernetes: 0:37:53

Threat Modelling Kubernetes: A Lightspeed Introduction - Lewis Denham-Parry, Control Plane

Threat Modelling: How 0:37:02

Threat Modelling: How to Improve Your Kubernetes Security Posture with Threat Mod... Maxime Coquerel

How to Build 0:41:28

How to Build a Threat Model for Kubernetes Systems

Threat Modelling Kubernetes: 0:37:22

Threat Modelling Kubernetes: A Lightspeed Introduction with Lewis Denham-Parry

Threat Modeling in 0:40:05

Threat Modeling in Kubernetes (Series 2 of 4)

Intro to Threat 0:31:55

Intro to Threat Modeling in the Cloud - Paige Cruz, Chronosphere

Automated Threat Modeling 0:03:12

Automated Threat Modeling demo to show traceable security and compliance requirements

Security Threat Modeling 0:41:30

Security Threat Modeling Live from Scratch Session - Andrew Martin, Control Plane

Hacking & Defending 0:33:45

Hacking & Defending Kubernetes Clusters: We'll Do It LIVE!! - Fabian Kammel & James Cle...

Kubernetes Security: Attacking 0:43:01

Kubernetes Security: Attacking and Defending Modern Infrastructure

AWS re:Inforce 2023 0:20:35

AWS re:Inforce 2023 - A tool to help improve your threat modeling (APS224)

Filling the Gaps 0:33:29

Filling the Gaps in Kubernetes Flavored SLSA with Threat Modeling - Christie Wilson & Priya Wadh...

Shifting Threat Modeling 0:20:59

Shifting Threat Modeling to Left: Automated Threat Modeling Using Terraform

Maximising Security with 0:59:57

Maximising Security with Threat Modelling in the Cloud - Romina Druta & Daniela Cruzes

Threat Model + 0:25:48

Threat Model + Policy + SecOps = Kubernetes Assurance

Securing Your Kubernetes 1:00:30

Securing Your Kubernetes Cluster From Threats

Threat Modelling as 1:12:50

Threat Modelling as Code and Threat Modelling Challenges

Piloting Around the 0:38:44

Piloting Around the Rocks: Avoiding Threats in Kubernetes - Robert Tonic & Stefan Edwards

Cloud Threat Modeling 0:40:01

Cloud Threat Modeling - from Architecture Design to Application Development

Ship of Fools: 0:41:35

Ship of Fools: Shoring Up Kubernetes Security - SANS Secure DevOps Summit 2018

Kubernetes attack simulation 0:27:42

Kubernetes attack simulation The definitive guide

Securing Kubernetes Architectures 1:05:55

Securing Kubernetes Architectures

Add Aristiun Aribot 0:03:31

Add Aristiun Aribot to Jenkins Pipelines -(Automated Threat Modeling, Platform, Pipeline Security )

Комментарии
Автор

This is a fantastic talk, and exactly what I was looking for. Thank you for this.

touchthesun