
Running at Light Speed - Cloud Native Security Patterns

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses, Network Segmentation Courses, Cloud-Native Security Courses

Course Description

Overview

Explore cloud native security patterns in this OWASP NL Chapter meeting talk. Dive into essential topics such as container isolation, control plane hardening, network segmentation, and encrypted communications. Learn about the reconciler pattern, container sandboxing limitations, and the importance of build integrity and attestation. Discover user namespaces, rootless containers, and effective authentication and authorization strategies. Examine the controller pattern, admission controllers, and PodSecurity policy design. Gain insights into the sidecar pattern, secrets management, and dynamic secrets implementation. Apply these concepts through practical examples, including retrieving and mounting secrets in cloud native environments.

Syllabus

Intro
Cloud Native Characteristics
Cloud Native Secure Architecture: Container Isolation, Control Plane Hardening, Network Segmentation, Encrypted Communications
Whose Job Is It Anyway?
Isolating Containerized Workloads
Reconciler Pattern
Spoiler: Containers Aren't Sandboxes
The Gateway Drug
Control Groups & Namespaces
Build Integrity & Attestation
User Namespaces
Rootless Containers
Authentication
Fixing the Problem
Authorization
Create Roles & Bindings
Controller Pattern
Admission Controllers
Designing a PodSecurity Policy
Sidecar Pattern (Decomposition Pattern)
Secrets Management
Dynamic Secrets
Example - Retrieve & Mount a Secret


Taught by

OWASP Foundation
