Kubernetes Security Best Practices - Ian Lewis, Google

Containers give developers the ability to isolate applications from one another, but that’s not enough. Resource isolation is much different from security isolation. How do we make applications deployed in containers more secure? What tools can we apply to our containers running in Kubernetes to make them more secure? How can we apply policy to our network and services to make sure applications only have access to what they need and nothing more?

In this talk, attendees will learn about the risks and attack surfaces of a Kubernetes cluster. We'll look at tools like PodSecurityPolicy, SELinux, AppArmor, seccomp, and sandboxed containers in action to improve the security of containers. We’ll then go up the stack and learn how to apply network policy to containers to further improve security.
Comments
Author

07:33 Attacking Kubernetes cluster itself, Kubernetes API server
09:01 RBAC
10:58 API Firewall
11:35 NetworkPolicy
13:20 Get access to cluster components, etcd

domaincontroller
Author

Thanks Ian, it's still relevant in 2021 😃

devops-boot-camp
Author

Ian, Thanks so much. Great presentation, and excellent coverage of K8S security best practices.

venkatbollimuntha
Author

Hello Ian, rocking presentation which is clear and easy to understand for newbies.

phanikumar
Author

Hi Ian. Your presentation is clear and I was able to grasp your ideas easily. Thanks. I am also interested in the remaining topics not covered in your presentation - Threat detection, Build Hygiene and SecOps. Could you recommend good articles or videos regarding those topics? Thanks in advance.

roshelliwanag
Author

Excellent presentation. Very concise in terms of identifying what are possible areas to secure and how to secure them for containerized workloads running on Kubernetes.

rashmitrathod
Author

Thanks for the excellent presentation Ian. Great parallels on the Defense In Depth principle where it underpins the logical flow: Network -> Host -> Supply Chain (Application) -> Data vs. a threat model driven by it (layered defense). Also, it's worth pondering on the importance of Infra Code security first (for those organisations mature enough to drive everything via code e.g. Terraform, Crossplane, or ClusterAPI) where it's critical on the CI/CD/Progressive Delivery DevSecOps cycle given that it builds entirely on what's being presented.

wilbertopalomar
Author

Nice! Really good presentation with illustrative pictures. Thanks Ian!

tanelikantomaa