Hidden under the hood of Kubernetes are a lot of security features. Starting from the Linux namespaces used in containers all the way to the network, there are a lot of configurations to support (or totally destroy) the security of a cluster.
In this talk, Thomas will cover:
- The security model of Kubernetes
- How to check clusters for vulnerabilities and fight security weaknesses with a few lines of scripting
- How to use scripts to analyze Istio, the "trust nothing" distributed firewall solution, and find an exploitable vulnerability in no time.
Finally, we show how Istio has handled the bug report and how future versions from 1.2 will close the exploit using the Container Network Interface (CNI).
After a 30 minutes talk, there will be 15 minutes for a discussion with the audience. We’d like to encourage you to submit your questions in advance.
A recording of the webinar and useful materials will be shared with webinar attendees afterwards.
Audience - who should join?
DevOps Engineers, DevSecOps Engineers, Site Reliability Engineers, System Engineers, Infrastructure Kubernetes Administrators, Technical Architects, Application Developers with an affinity with DevOps and Technical Management