Tweezering Kubernetes Resources - Operating on Operators
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore the security implications of Kubernetes Operators in this 40-minute conference talk from KubeCon + CloudNativeCon North America 2022. Delve into the potential risks associated with highly privileged Operators and learn how to mitigate these threats. Discover techniques for threat modeling core Operator functionality, understand how attackers can exploit Operators to modify resources and gain persistence, and gain insights on securely evaluating third-party Operators before implementation. Acquire valuable knowledge on conducting effective code reviews and identifying security-related events in the context of Kubernetes Operators. Enhance your understanding of Kubernetes security and learn to safeguard your cluster operations against potential vulnerabilities introduced by automated processes.
Syllabus
Tweezering Kubernetes Resources: Operating on Operators - Kevin Ward, ControlPlane
Taught by
CNCF [Cloud Native Computing Foundation]