Overview
Discover seven essential tools for enhancing Kubernetes cluster security in this 30-minute Devoxx conference talk. Explore the complexities of Kubernetes orchestration and learn how to address potential security vulnerabilities in both the cluster infrastructure and deployed workloads. Gain insights into implementing security best practices and leveraging powerful tools such as Vault, Kubernetes Secrets, kube-score, KubiScan, Falco, Open Policy Agent, and Supervisor to fortify your Kubernetes environment. Understand the inner workings of these tools and their specific applications in securing service accounts, enforcing trusted images, and monitoring for potential threats.
Syllabus
Intro
Security overview
Vault
Kubernetes Secrets
kube-score
KubiScan
How it works
Check all service accounts
Connect to a specific service account
Connect to other service accounts
Check outputs
Falco
How Falco works
How GCR works
Open Policy Agent
Enforce Trusted Images
Supervisor
Summary
Taught by
Devoxx