Common Kubernetes Attack Vectors and How to Secure Your C... Catherine Heatherly & Danielle Chappell

Common Kubernetes Attack Vectors and How to Secure Your Cluster - Catherine Heatherly & Danielle Chappell, US Department of Defense

Kubernetes is an open source container orchestration system for automating the management of containerized applications. Although using containerized applications known as microservices provides several flexibility benefits, securing these microservices and the infrastructure supporting them can become complex. There are many common sources of risk including supply chain risk, malicious threat actors, insider threats, and misconfigurations. Attacks against Kubernetes often exploit misconfigurations in networking policies, authentication, authorization, and updating outdated software. During this presentation, Catherine and Danielle will describe the major components of a Kubernetes deployment, then describe how to secure them. Catherine and Danielle will explain Kubernetes pod security, network separation, authentication and authorization, audit logging, and threat detection. They will go into details about how to monitor a Kubernetes deployment and how to detect threat actors.