Explore the concept of shifting security left in Kubernetes and OpenShift environments through this 51-minute conference talk presented by the Cloud Native Computing Foundation (CNCF). Dive into the tension between security and DevOps, and learn strategies for enabling collaboration between these teams. Discover methods for removing hardcoded secrets and implementing security-first practices. Gain insights into Kubernetes authentication, and witness demonstrations of various security tools including Summon, Kubernetes Secrets, Kubernetes Secrets Provider Container, Secretless, and Secretlist. Examine the Secretless architecture and understand the balance between probability and impact in security decision-making. Enhance your knowledge of cloud-native security practices and learn how to simplify security measures in containerized environments.
Shifting Security Left - Simplifying Security for Kubernetes and OpenShift Environments
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Introduction
Tension between security and devops
Enabling devops collaboration
Removing hardcoded secrets
Security islands
Security first
Authentication
Kubernetes Authentication
Demos
Summon
Kubernetes Secrets
Kubernetes Secrets Provider Container
Secretless
Secretlist
Secretlist Broker Log
Nginx Log
Secretless Architecture
Probability vs Impact
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Kubernetes Secrets Management - Build Secure Apps Faster Without Secrets
-
Critical DevSecOps Considerations for Multi-Cloud Kubernetes
-
Container and Kubernetes Security Policy Design - 10 Critical Best Practices
-
Cloud Native Live: Workload Misconfiguration - The #1 Security Threat When Using Kubernetes
-
Running at Light Speed - Cloud Native Security Patterns
-
Secret Management in Kubernetes: Using Secret Store CSI Driver
