Kubernetes Cluster Security and Usability: Best Practices and Common Pitfalls
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore Kubernetes cluster security and usability in this 49-minute conference talk by Rory McCune, Cloud Native Security Advocate at Aqua Security. Gain practical, defense-oriented insights into two main areas of Kubernetes security, focusing on usable defensive measures for immediate implementation. Learn about common misconfigurations in newly deployed clusters, surprising default settings chosen by providers, and scalable approaches to cluster security. Discover strategies for different threat models, including shared clusters among developer groups and multi-tenant configurations with Internet-facing applications. Delve into topics such as exposed clusters, outdated clusters, authentication, RBAC complexity, network security, and admission control. Acquire valuable knowledge to enhance your Kubernetes security posture and make informed decisions about cluster management.
Syllabus
Intro
What is Kubernetes?
So, What is Core Kubernetes?
Why is this important?
Where does Usability Come in?
Exposed Clusters
Outdated Clusters
Solution - Clusters As Cattle Not Pets
Kubernetes Authentication
Solution - Enforced External AuthN
RBAC Complexity
Solution - Minimal Interactive Access
Flat Networks
Solution - Default Deny Networks
Breakout to underlying nod
Solution - Admission Control
Kubernetes and Multi-Tenan
Solution - Kubernetes Cluster API
A Secure Kubernetes Solution
Conclusion
Taught by
OWASP Foundation
Related Courses
Cisco SD-WAN (Viptela) with Lab AccessUdemy Architect SaaS Applications - Unique Challenges & Solutions
Udemy Provision IoT devices at scale by using Azure IoT Hub Device Provisioning Service (DPS)
Microsoft via Microsoft Learn Multi-Tenancy and Isolation Using Virtual Clusters in Kubernetes - Mirantis Labs Tech Talks
Mirantis via YouTube Secure Multi-Cluster & Multi-Tenant Cloud Native Apps with Mirantis & Tetrate
Mirantis via YouTube