Armoring Cloud Native Workloads with LSM Superpowers

Explore how to enhance security for cloud-native workloads using Linux Security Modules (LSMs) in this conference talk by Barun Acharya from Accuknox. Learn about the limitations of default container security and discover how KubeArmor leverages LSMs to create a least permissive perimeter for various workloads. Understand the power of LSMs and how KubeArmor simplifies their implementation by abstracting away complexities. Gain insights into the use of eBPF for providing context within containers, compare different kernel primitives for protecting modern container workloads, and examine the design considerations and challenges of integrating various LSMs into KubeArmor. This 21-minute presentation offers valuable knowledge for developers and end-users interested in strengthening their cloud-native security practices.

Armoring Cloud Native Workloads With LSM Superpowers - Barun Acharya, Accuknox