Overview
Explore essential strategies for securing Kubernetes clusters in this 45-minute conference talk from All Things Open 2022. Learn about multi-layered security approaches, including hardening nodes, securing workloads, and inspecting containers for vulnerabilities. Discover open-source tools for identifying issues at each layer, from cluster configuration and static code analysis to container image scanning and software bill of materials (SBOM) monitoring. Gain insights into policy enforcement, resource limits, and behavior monitoring to build and maintain a secure Kubernetes environment. Walk away with key takeaways to enhance your organization's container and Kubernetes security practices.
Syllabus
Intro
Layers
Hardening
Cluster configuration
Static code analysis
Container image scanning
Software bill of materials (SBOM)
SBOM monitoring
Policy enforcement
Resource limits
Monitor behavior
Key takeaways
Taught by
All Things Open