Explore the security landscape of Kubernetes in this 43-minute conference talk from Derbycon 2018. Dive into container technology, Kubernetes architecture, and potential security vulnerabilities. Learn about attack surfaces, threat modeling, and discovery techniques specific to Kubernetes environments. Examine authentication mechanisms, container registry security, and static code analysis methods. Investigate postmount escapes and cloud security considerations. Gain valuable insights into securing Kubernetes deployments, with a comprehensive overview of key concepts and practical resources for further exploration.
Overview
Syllabus
Intro
Containers
Kubernetes
Security
Attack Service
Threat Model
Discovery
Authentication
Container Registry
Static Code Analysis
Postmount Escapes
Cloud Security
TLDR
Resources
Related Courses
-
Deploy cloud-native apps using Azure Container Apps
-
Certified Kubernetes Security Specialist (CKS) Course
-
Cloud Security Risks: Identify and Protect Against Threats
-
Palo Alto Networks Cybersecurity Foundation
-
Prepare security and compliance to support Microsoft 365 Copilot
-
Flying Above the Clouds - Securing Kubernetes
