Working Together to Improve Security Visibility in Kubernetes

Overview

Explore a conference talk that delves into collaborative efforts to enhance Kubernetes security visibility through the lens of Microsoft experts. Learn about the intricate process triggered when CVEs are reported to the Security Response Committee (SRC), involving coordination between multiple Special Interest Groups (SIGs) and SIG Release teams. Discover how automatic CVE feeds provide programmatic security insights for new releases, while understanding the challenges in assessing dependency vulnerabilities and false positives. Gain valuable insights into current security practices and future initiatives planned by SIG Security, SIG Release, and SRC to improve security transparency across Kubernetes releases and artifacts. Master the collaborative approach to Kubernetes security management and understand how different teams work together to maintain robust security standards in the cloud-native ecosystem.

Syllabus

Working Together to Improve Security Visibility in Kubernetes - Rita Zhang & Jeremy Rickard

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Working Together to Improve Security Visibility in Kubernetes

Taught by

Kubernetes Security Response Committee: Introduction and Deep Dive

How SIG Release Cooks Trustworthy Artifacts From Raw Source Code - Kubernetes Build Process

Releasing Kubernetes Less Often and More Securely - SIG Release Update

Interactive Playground to Learn Kubernetes and Cloud Native Security

Strategies for Patching Critical CVEs in Open Source Software - Best Practices and Tools

How SIG Release Makes Kubernetes Releases More Stable and Secure

9 Best Kubernetes Courses for 2024

Never Stop Learning.