Explore common Kubernetes misconfigurations and security vulnerabilities in this 58-minute webinar sponsored by Snyk. Dive into topics such as configuration vulnerabilities, developer ownership, security contexts, and privileged pods. Learn about the importance of resource limitations, including CPU and memory throttling. Discover when root containers are necessary and how to implement "run as non-root" practices. Examine pod security policies, shifting security responsibilities, and methods for validating Kubernetes setups. Gain insights on balancing quality and quantity in security measures, and explore the differences between OKD and Kubernetes. Participate in live demonstrations and Q&A sessions covering privilege run modes, code injection, and memory limits. Enhance your Kubernetes security knowledge with practical examples and expert guidance on creating a secure infrastructure.
Hack My Mis-Configured Kubernetes: Security Vulnerabilities and Best Practices
Overview
Syllabus
Intro
Configuration Vulnerability
Developer Ownership
Security Context
Privileged Pods
Demo
When do we need root containers
Run is nonroot
Resource limitations
CPU throttling
Memory throttling
Next demo
Conclusions
Recap
Conclusion
Secure base
Quality vs quantity
Sneak Infrastructure Demo
Questions
OKD vs Kubernetes
Privilege Run Mode
Code Injection
Privilege vs Root
Demo code
Memory limits
Sample apps
Architecture
Image Root Access
Pod Security Policies
Shifting Security Responsibility
Is it enough
Does a sneak container gathered scan
How to validate Kubernetes
Setting a memory limited model
Taught by
Linux Foundation
Tags
Related Courses
-
Hack My Mis-Configured Kubernetes
-
Live Security Hack - Hack My Mis-configured Kubernetes
-
Kubernetes and Cloud Native Security - A State of the Union
-
Kubernetes Security Blind Spot - Misconfigured System Pods
-
Continuous Kubernetes Security - Best Practices and Risk Mitigation
-
Kubernetes Security Lab - Hands-on Exploration of Common Vulnerabilities
