Securing Secrets in Kubernetes Environments

Explore the critical aspects of securing secrets in Kubernetes environments through this informative conference talk. Delve into the challenges of credential management for organizations, including database credentials and access tokens. Examine the threat models surrounding secrets management tools like Hashicorp Vault and CyberArk Conjur, particularly in on-premises deployments targeted by ransomware attackers. Gain insights into hardening techniques for these tools and understand the potential vulnerabilities in secret injection processes for target workloads. Analyze attack vectors targeting persistent volumes storing secrets and learn about real-world threat scenarios. Watch a demonstration of how attackers can access secrets and discover potential security solutions, with a focus on Hashicorp Vault in the context of Kubernetes security.

Securing Secrets in K8s Environments - Rahul Jadhav, AccuKnox