Kubernetes Cluster Security and Usability: Best Practices and Common Pitfalls
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore Kubernetes cluster security and usability in this 49-minute conference talk by Rory McCune, Cloud Native Security Advocate at Aqua Security. Gain practical, defense-oriented insights into two main areas of Kubernetes security, focusing on usable defensive measures for immediate implementation. Learn about common misconfigurations in newly deployed clusters, surprising default settings chosen by providers, and scalable approaches to cluster security. Discover strategies for different threat models, including shared clusters among developer groups and multi-tenant configurations with Internet-facing applications. Delve into topics such as exposed clusters, outdated clusters, authentication, RBAC complexity, network security, and admission control. Acquire valuable knowledge to enhance your Kubernetes security posture and make informed decisions about cluster management.
Syllabus
Intro
What is Kubernetes?
So, What is Core Kubernetes?
Why is this important?
Where does Usability Come in?
Exposed Clusters
Outdated Clusters
Solution - Clusters As Cattle Not Pets
Kubernetes Authentication
Solution - Enforced External AuthN
RBAC Complexity
Solution - Minimal Interactive Access
Flat Networks
Solution - Default Deny Networks
Breakout to underlying nod
Solution - Admission Control
Kubernetes and Multi-Tenan
Solution - Kubernetes Cluster API
A Secure Kubernetes Solution
Conclusion
Taught by
OWASP Foundation
Related Courses
Maintaining Deployment Security in Microsoft AzurePluralsight Microsoft Azure Security Engineer: Configure Advanced Security for Compute
Pluralsight Microsoft Azure Security Technologies (AZ-500) Cert Prep: 2 Implement Platform Protection
LinkedIn Learning Securing Containers and Kubernetes Ecosystem
LinkedIn Learning Performing DevSecOps Automated Security Testing
Pluralsight