Armoring Cloud Native Workloads with LSM Superpowers
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore how to enhance security for cloud-native workloads using Linux Security Modules (LSMs) in this conference talk by Barun Acharya from Accuknox. Learn about the limitations of default container security and discover how KubeArmor leverages LSMs to create a least permissive perimeter for various workloads. Understand the power of LSMs and how KubeArmor simplifies their implementation by abstracting away complexities. Gain insights into the use of eBPF for providing context within containers, compare different kernel primitives for protecting modern container workloads, and examine the design considerations and challenges of integrating various LSMs into KubeArmor. This 21-minute presentation offers valuable knowledge for developers and end-users interested in strengthening their cloud-native security practices.
Syllabus
Armoring Cloud Native Workloads With LSM Superpowers - Barun Acharya, Accuknox
Taught by
CNCF [Cloud Native Computing Foundation]