Too Much to Choose - Making Sense of Kubernetes Security Standards

Explore a comprehensive analysis of Kubernetes security standards in this conference talk. Gain insights into various security benchmarks like CIS, DISA STIG, Pod Security Standards, and the NSA hardening guide, as well as the recently released PCI guidance on container orchestration security. Compare these standards, understand their similarities and differences, and learn how to choose the most appropriate one for your needs. Discover open-source tools available in the cloud native ecosystem to assess Kubernetes clusters against these standards and simplify compliance processes. By the end of the presentation, acquire a clear understanding of the benefits of each standard and learn about processes that can be adopted to comply with common requirements. The talk covers an introduction to security standards, an overview of Kubernetes-specific standards, distribution and version coverage, areas of focus, and CI tools for implementation.

Intro
Overview
Definition
Types of Standards
Kubernetes
Which should you choose
Which distributions are covered
Which versions of Kubernetes are covered
What areas are covered
The details
CI tools
Summary
Questions