DevOps Stage 2021 ⇒ Kubernetes and Container Security by Volodymyr Shynkar
Everyone heard about Kubernetes. Everyone wants to use this tool. However, sometimes we forget about security, which is essential throughout the container lifecycle.
Therefore, our journey with Kubernetes security should begin in the build stage when writing the code becomes the container image.
Kubernetes provides innate security advantages, and together with solid container protection, it will be invincible.
During the sessions, we will review all those features and highlight which are mandatory to use. We will discuss the main vulnerabilities which may cause compromising your system.
Timecodes:
0:46 - 01 Overview
2:27 - 02 Container Security
5:58 - 03 Kubernetes Security
6:26 ├ Deployment to the cluster
11:58 ├ Pod Security Policy
13:11 ├ Open Policy Agent (Gatekeeper)
15:22 ├ Network Policy
17:23 ├ Secrets
18:55 ├ Securing the Cluster (Hardening)
21:30 - 04 Other Tooling to help
24:14 - 05 Demo Time
Contacts:
LinkedIn - https://www.linkedin.com/in/vshynkar/
GitHub - https://github.com/sqerison
Instagram - https://www.instagram.com/sqerison/
------------------------------------------------------------------------------------------------------------------------------------------------
Materials from the video:
The presentation link:
https://www.slideshare.net/VolodymyrShynkar/kubernetes-and-container-security
The policies and docker files examples:
https://gist.github.com/sqerison/43365e30ee62298d9757deeab7643a90
The repo with the helm chart used in a demo:
https://github.com/sqerison/argo-rollouts-demo
Tools that showed in the last section:
https://github.com/armosec/kubescape
https://github.com/aquasecurity/kube-bench
https://github.com/controlplaneio/kubectl-kubesec
https://github.com/Shopify/kubeaudit#installation
https://github.com/eldadru/ksniff
Further learning.
A book released by CISA (Cybersecurity and Infrastructure Security Agency):
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
O`REILLY Kubernetes Security:
https://kubernetes-security.info/
O`REILLY Container Security:
https://info.aquasec.com/container-security-book
Thanks for watching!
Видео DevOps Stage 2021 ⇒ Kubernetes and Container Security by Volodymyr Shynkar канала Volodymyr Shynkar
Therefore, our journey with Kubernetes security should begin in the build stage when writing the code becomes the container image.
Kubernetes provides innate security advantages, and together with solid container protection, it will be invincible.
During the sessions, we will review all those features and highlight which are mandatory to use. We will discuss the main vulnerabilities which may cause compromising your system.
Timecodes:
0:46 - 01 Overview
2:27 - 02 Container Security
5:58 - 03 Kubernetes Security
6:26 ├ Deployment to the cluster
11:58 ├ Pod Security Policy
13:11 ├ Open Policy Agent (Gatekeeper)
15:22 ├ Network Policy
17:23 ├ Secrets
18:55 ├ Securing the Cluster (Hardening)
21:30 - 04 Other Tooling to help
24:14 - 05 Demo Time
Contacts:
LinkedIn - https://www.linkedin.com/in/vshynkar/
GitHub - https://github.com/sqerison
Instagram - https://www.instagram.com/sqerison/
------------------------------------------------------------------------------------------------------------------------------------------------
Materials from the video:
The presentation link:
https://www.slideshare.net/VolodymyrShynkar/kubernetes-and-container-security
The policies and docker files examples:
https://gist.github.com/sqerison/43365e30ee62298d9757deeab7643a90
The repo with the helm chart used in a demo:
https://github.com/sqerison/argo-rollouts-demo
Tools that showed in the last section:
https://github.com/armosec/kubescape
https://github.com/aquasecurity/kube-bench
https://github.com/controlplaneio/kubectl-kubesec
https://github.com/Shopify/kubeaudit#installation
https://github.com/eldadru/ksniff
Further learning.
A book released by CISA (Cybersecurity and Infrastructure Security Agency):
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
O`REILLY Kubernetes Security:
https://kubernetes-security.info/
O`REILLY Container Security:
https://info.aquasec.com/container-security-book
Thanks for watching!
Видео DevOps Stage 2021 ⇒ Kubernetes and Container Security by Volodymyr Shynkar канала Volodymyr Shynkar
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
