The State of Kubernetes Security

In this talk we will discuss the current landscape of Kubernetes security and how we can better prepare for the upcoming "Kubepocalypse". We will go over a brief tour of the Kubernetes ecosystem and why security is such a challenge as well as attack and defense mechanisms you can implement today in your clusters. Topics covered include: container security best practices, control plane security, network security, and advanced isolation techniques.



Resources mentioned in this session:


Slides: Coming soon

Awesome Kubernetes Security: https://github.com/ksoclabs/awesome-kubernetes-security

A good read: https://medium.com/jw-player-engineering/how-a-cryptocurrency-miner-made-its-way-onto-our-internal-kubernetes-clusters-9b09c4704205


Jimmy Mesta

Jimmy Mesta is a veteran application and infrastructure security leader. He is the founder of OWASP Santa Barbara and co-organizer of the AppSec California security conference. Jimmy has spent time on both the offense and defense side of the industry and is constantly working towards building modern, developer-friendly security solutions. Jimmy's core focus has been in application and cloud security with an emphasis on secure architecture, automated testing, developer training and defensive techniques. He teaches Kubernetes, Docker, DevOps, Mobile Security and Pentesting courses for Manicode.


Find Jimmy on twitter

MyDevSecOps ©2020 POWERED BY SNYK

The MyDevSecOps community is powered by Snyk Ltd. Our aim is to create a vendor-neutral space to share knowledge and best practices related to software security.

avatar-transparent.png
  • White Twitter Icon
  • White YouTube Icon