A social distancing approach for sharing content from the planned KubeSec Enterprise Summit event for March 30.
Whether you are just now beginning to roll out your first production implementation of Kubernetes, or are an early adopter looking to learn from the experience of your peers, you are sure to get valuable insights from this educational event.
Who should attend?
All webinars are held on Tuesdays at 2pm UK time (3pm CET, 9am EST).
Click here to register for the entire series, or explore the available sessions below!
Secrets (SQL/LDAP passwords, SSH keys and API tokens) are usually kept by applications in configuration files or as source code constants. Kubernetes offers a great feature to store your application's Secrets where your containers can access them on demand. In our talk, we’ll share several use cases and flaws where using Kubernetes built-in Secrets Storage is insufficient, and review several future features of K8s and other concepts available to better manage and secure your secrets.
How would you react if your laptop was stolen? Are you worried about attackers performing a cold boot attack to extract your Kubernetes credentials? Do you already use a YubiKey for SSH and GPG, and wonder why you cannot use it with kubectl? If yes, then this talk is for you!
Liz's new Container Security book includes a Security Checklist covering items you should at least think about when considering how to secure your deployments running on containers. In this talk, Liz gives an overview of the checklist, and dives into the details on some potential weaknesses that you really need to avoid. The takeaway challenge is for you to check whether your own environments comply with the most important of these recommendations.
With container technology rapidly entering the IT operations world, together with the increasing demand for certifications of the IT environment such as ISO 27001, there is a high chance that you will encounter questions regarding operational compliance of your Kubernetes stack.
Based on the currently available documentation on security requirements for container environments by the BSI and NIST, we will give an overview of how we would answer those questions for our in-house Kubernetes platform at WEB.DE and GMX.
Over the past year, the Aqua Security cyber research team has uncovered increasingly sophisticated attacks on containers that use obfuscation and evasion techniques to avoid detection by static scanners. Such attacks utilize novel, innocuous-looking images to embed their own code, which is often encrypted or deployed as polymorphic malware to avoid detection. The malicious behavior of the image can only be observed when it is run as a container.
Kubernetes has an OIDC endpoint on the roadmap for release 1.18 and EKS provided their own OIDC endpoint. This talk will cover the power this will bring with Projected Service Account tokens. We will walk through how you can have secure intercluster RBAC and how to talk to external services.
Once you get past the basics of Kubernetes security, locking down your APIs and implementing RBAC, you might think you’ve got most of your security issues sorted. However, like any complex system, Kubernetes has some sharp security edges. This is a talk about avoiding getting cut by them.
Red Hat recently achieved SOC-2 and ISO 27001 certifications for one of our managed Enterprise Kubernetes as a service offerings, OpenShift Dedicated (OSD) on AWS.
Learn how we leveraged the built-in security features of Kubernetes and the mature security expertise of Red Hat to achieve compliance and certification of our large, multi-cluster Kubernetes fleet.
Specifically, topics covered in this session include:
What does DevOps adoption look like at enterprises, and what is the impact of that on cloud-native security? 451 Research presents results from its quantitative and qualitative research into cloud native security, particularly the relationship between current security practices and DevOps.