Automated Cloud-Native Incident Response with Kubernetes and Service Mesh
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore automated cloud-native incident response techniques using Kubernetes and service mesh in this 37-minute conference talk. Recap incident response fundamentals and gain insights into cloud-native technologies such as Kubernetes, Istio, and GitOps. Learn about a custom Operator for dynamically adding complex layer-7 traffic rules in response to environmental changes. Follow a step-by-step walkthrough of responding to a Log4Shell attack against a Kubernetes cluster workload, covering sensor alerts, SIEM analysis, IRP automation with honeypots and isolation, building Indicators of Compromise (IoC), and neutralizing the attack. Discover how to adapt established security practices like the MITRE ATT&CK Framework and Lockheed Martin Kill Chain to modern cloud-native platforms.
Syllabus
Automated Cloud-Native Incident Response with Kubernetes and Service Mesh - M Turner & F Beltramini
Taught by
CNCF [Cloud Native Computing Foundation]