Threat Modelling - Securing Kubernetes Infrastructure & Deployments

Explore threat modelling techniques for securing Kubernetes infrastructure and deployments in this 32-minute conference talk. Learn how to architect Kubernetes securely in regulated organizations, with insights from the CNCF Financial User Group. Discover mechanisms for identifying threats, creating attack trees, and developing a comprehensive threat model. Gain practical knowledge on implementing automated testing, ensuring compliance, and applying node segregation. Understand the importance of Linux capabilities and how to integrate Kubernetes with a global SOC. Address common threats, implement advanced mitigations, and navigate the challenges faced by large regulated organizations. Equip yourself with the tools and strategies needed to safeguard your Kubernetes environment effectively.

Introduction
Threat Modelling Process
Identifying Threats
Attack Trees
Threat Model
Automated Testing
Compliance
Node segregation
Linux capabilities
Large regulated organizations