Kubernetes is fundamentally a complex system with lots of different potential attack vectors aimed at data theft, currency mining and other threats. This talk provides an overview of the current state of security-related features in Kubernetes, and gives directional starting points on how to secure Kubernetes components and the applications that run on top of these Kubernetes components. For the topics explored, pointers on where to further investigate will be offered.
Topics Covered: 1) Container image scanning and container security, 2) Security boundaries (pod, namespace, node, cluster) 3) Securing the control plane and Kubernetes APIs, 4) Authentication and authorization, including new tools available, 4) Runtime considerations, secrets management and more!