Explore the vast landscape of Cloud Native security in this comprehensive conference talk. Break down the complex topic into three key areas: platform security, user management and permissions, and software supply chain. Learn about securing and upgrading control planes and nodes, isolating resources, managing privileges and secrets, authenticating and authorizing user access, leveraging RBAC and Namespaces, and understanding software supply chain threat models and mitigation strategies. Gain a stronger understanding of Cloud Native security's breadth and depth, and discover resources for further knowledge development. Delve into specific topics such as Ingress security, Kubernetes cluster upgrades, secret management, authentication methods, RBAC auditing, namespace vs. cluster-wide considerations, and attestation.
Overview
Syllabus
Intro
FOLLOW SECURITY BEST PRACTICES
4 C's OF CLOUD NATIVE SECURITY
Mini Case Study: Ingress
THE WORK OF UPGRADING K8S CLUSTERS
MANAGING SECRETS
AUTHENTICATION (AUTHN)
RBAC AUDITING
NAMESPACES vs CLUSTER WIDE
ATTESTATION
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Cloud Native Security Landscape - Key Areas and Strategies
-
Cloud Native Security for the Rest of Us
-
CNCF Kubernetes and Cloud Native Associate Certification Course (KCNA) - Pass the Exam!
5.0 -
Security Best Practices in Google Cloud
-
Running at Light Speed - Cloud Native Security Patterns
-
4 CI Security Best Practices to Prevent Cloud-Native Supply Chain Attacks
