YoVDO

Using Policy as Code to Manage Security Risk in Kubernetes

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Kubernetes Courses Cloud Security Courses Infrastructure as Code Courses Policy-as-Code Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the concept of using policy as code to manage security risks in Kubernetes in this 25-minute conference talk from the Cloud Native Computing Foundation (CNCF). Delve into traditional security challenges and discover how Infrastructure as Code (IaC) and Policy as Code (PaC) can enhance cloud security. Learn about Terrascan, its goals, and how to integrate it into your workflow. Examine real-world examples of vulnerabilities, including CVE-2020-8554 and CVE-2020-8555, and understand their implications. Gain insights into various security risk categories and how Terrascan addresses them, empowering you to better protect your Kubernetes environments.

Syllabus

Intro
Traditional Security Challenges
Unlocking Cloud Security with lac & Pac
Terrascan - Goals
Integrate Terrascan into your workflow
CVE-2020-8554: LoadBalancer PATCH request example
CVE-2020-8555- Half Blind SSRF
CVE-2020-8555 - Vulnerable YAML example
Terrascan - Security Risk Categories


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Architecting Microsoft Azure Solutions
Microsoft via edX Internetwork Security
Indian Institute of Technology, Kharagpur via Swayam Network Security
Georgia Institute of Technology via Udacity Microsoft Professional Orientation : Cloud Administration
Microsoft via edX Cyber Threats and Attack Vectors
University of Colorado System via Coursera