Top Secret Cloud Native Security Lessons

Discover essential cloud native security lessons in this 58-minute conference talk. Explore the foundations of software development and infrastructure deployments using technologies like Kubernetes, Docker, and Istio. Gain insights into real-world security lessons, the CNCF-backed Kubernetes Security Audit, and recent Kubernetes security disclosures. Learn how to identify potential weaknesses in cloud native approaches and implement effective security measures. Delve into topics such as role-based access control, API secrets, privilege escalation, network policies, and security tools like Open Policy Agent. Understand the importance of secure-by-default configurations and staying updated with the latest security practices. By the end, acquire the knowledge needed to enhance the security of your cloud native systems and make informed decisions about implementing technologies like Istio for improved protection.

Introduction
Our systems are constantly under attack
Hackers can steal AWS credentials
Top secret doesnt work
Premise
Bens background
Cutter Coder
QA
Kubernetes
Kubernetes Architecture
Kubernetes Loop
Applying Security
Rolebased access control
Rolebased security
API secrets
Pods
Privilege Escalation
Defaults
Privileged Containers
Kubernetes Page Limit
Remove Additional Capabilities
Lineage Capabilities
Allow Privilege Escalation
Installer Settings
System Anonymous
Security Permissions
Demon Sets
Network Policies
Be Secure by Default
Kubernetes Tools
Control Plane
Open Policy Agent
Mobility
AppArmor
CPU Bug
Upgrade Communities
What should we be doing
How to learn more