Kubernetes Security 101: Best Practices to Secure your Cluster
As great as Kubernetes is when it comes to automating, scaling, and managing containerized applications, it can also create security vulnerabilities that make you the perfect target for attackers.
In this presentation, Magno Logan, an Information Security Specialist & Senior Threat Researcher, gives a brief overview of how Kubernetes works and shares some best practices for securing your cluster, whether you are deploying a new cluster on your own or via managed services such as GKE, EKS or AKS.
Magno covers everything from the Control Plane (Master Node), starting with the API server, including etcd, role-based access control (RBAC), and network policies. He also covers best practices for worker nodes, the kubelet, audit logs, and pods.
To round out the session, Magno talks about the CIS Benchmarks for Kubernetes and the default configurations you need to worry about when deploying a new cluster.
🎓Watch to learn 🧠
• How to use RBAC and assign roles and permissions to your cluster users
• How to enable audit logs for better visibility
• How to set up network policies to restrict communication between pods and prevent lateral movement by attackers
🕶Who should attend👀
• Anyone getting started with Kubernetes
• Anyone interested in learning better ways to secure your Kubernetes cluster
✨Speaker✨
Magno Logan, Information Security Specialist & Senior Threat Researcher, @magnologan
🎤Continue the conversation in our forum 🗣
https://community.skycrafters.io/
This discussion originally aired live on July 29, 2021
by Skycrafters