In this talk we will discuss the current landscape of Kubernetes security and how we can better prepare for the upcoming "Kubepocalypse". We will go over a brief tour of the Kubernetes ecosystem and why security is such a challenge as well as attack and defense mechanisms you can implement today in your clusters. Topics covered include: container security best practices, control plane security, network security, and advanced isolation techniques.
Resources mentioned in this session:
Slides: Coming soon
Awesome Kubernetes Security: https://github.com/ksoclabs/awesome-kubernetes-security
Jimmy Mesta is a veteran application and infrastructure security leader. He is the founder of OWASP Santa Barbara and co-organizer of the AppSec California security conference. Jimmy has spent time on both the offense and defense side of the industry and is constantly working towards building modern, developer-friendly security solutions. Jimmy's core focus has been in application and cloud security with an emphasis on secure architecture, automated testing, developer training and defensive techniques. He teaches Kubernetes, Docker, DevOps, Mobile Security and Pentesting courses for Manicode.