Overview
Explore the world of Kubernetes security in this 56-minute webinar presented by Wei Lien Dang, Head of Strategy at StackRox. Delve into the MITRE ATT&CK framework extension for Kubernetes security risks by Microsoft Azure, covering 40 documented attack vectors. Learn key tactics and techniques attackers use on Kubernetes clusters, discover a range of Kubernetes-specific and cloud-specific controls, and gain a prioritized list of mitigation steps for broad protection. Understand the differences in Kubernetes attacks across various deployment models, including cloud, on-premises, and hybrid environments. Examine a comprehensive Kubernetes security checklist and attack matrix, focusing on best practices such as RBAC, Kubernetes Dashboard security, network management, and Pod Security Policies. Gain insights into runtime monitoring, native Kubernetes secrets, and PCI compliance considerations. Equip yourself with essential knowledge to accelerate your company's innovative applications while maintaining robust security measures.
Syllabus
Introduction
Agenda
Types of Kubernetes attacks
Research findings
How do they compare
Whats different about Kubernetes attacks
Are Kubernetes attacks different on a managed service
Kubernetes security checklist
Kubernetes attack matrix
Best practices
RBAC
Kubernetes Dashboard
Network Management
Pod Security Policies
Summary
Runtime monitoring
Native Kubernetes secrets
Does Stack Rocks provide PCI compliance
Outro
Taught by
CNCF [Cloud Native Computing Foundation]