Explore the DISA STIG certification process for securing Kubernetes deployments in this 35-minute webinar. Gain insights into implementing critical security controls, addressing certification challenges, and maintaining compliance through documentation and automation. Learn about the partnership between Mirantis and Corsec Security in achieving STIG compliance for Mirantis Kubernetes Engine (MKE). Discover key differences between STIG, FedRAMP, and ISO-27001 certifications, and understand the importance of DISA STIG for public sector and regulated industries. Delve into real-world examples, timelines, and strategies for handling new vulnerabilities in the MKE DISA STIG process.
Ensuring Kubernetes Security Through DISA STIG Process - Corsec Security and Mirantis
Overview
Syllabus
- Intro
- Corsec's role in the MKE DISA STIG
- How does Corsec stay up-to-date with the latest DISA STIG?
- How does alignment work re: DISA STIG?
- How does Corsec handle security testing?
- How Corsec secures different software
- STIG vs FEDRAMP vs ISO-27001
- How does Corsec handle updates?
- Corsec's advice to prepare for STIG certification
- Corsec Security's partnership with the DISA
- Importance of documentaion in STIG process
- Real world example: challenges with STIG certification
- Importance of achieving DISA STIG for MKE
- Key security features for the MKE DISA STIG
- Miranits' role in MKE STIG certification process
- What does support look like for MKE DISA STIG?
- Timelines for MKE DISA STIG process
- How does the MKE DISA STIG handle new vulnerabilities?
- What Mirantis learned about the DISA STIG process
- Outro
Taught by
Mirantis
