CSI Volume Attacks – The SRE Strikes Back

Explore the critical aspects of data security in Container Storage Interface (CSI) environments in this informative conference talk. Delve into the challenges of protecting stateful workloads from unauthorized access, both within and outside Kubernetes clusters. Learn about the inherent security models provided by Kubernetes and discover additional configurations to enhance data protection. Through a series of demonstrations, gain insights into securing Persistent Volume Claims and Persistent Volumes, implementing Pod Security Policies, managing file system permissions, and safeguarding common storage protocols like iSCSI and NFS. Understand the importance of securing CSI drivers within your cluster to create a robust defense against potential volume attacks.

CSI Volume Attacks – The SRE Strikes Back - Hendrik Land, NetApp