Rootconf Delhi edition

On network engineering, infrastructure automation and DevOps

Tickets

Securing your Kubernetes cluster

Submitted by saurabh gupta (@gupta-saurabh) on Tuesday, 15 October 2019

Section: Full talk (40 mins) Category: DevSecOps Status: Rejected

Abstract

Abstract
Kubernetes is currently the most popular container orchestration engine of choice, but its security is debatable. There are some vulnerabilities that have already been discovered in Kubernetes and Docker. The question that arises is what are the potential risks of these vulnerabilities to the application/business, and how we can go about fixing these.

The talk will also cover what are some of the best security practices that should be followed while designing and implementing Kubernetes within an organisation.

Outline

Outline
1. How vulnerable is your Kubernetes cluster?
2. Past known vulnerabilities in Kubernetes and their potential risks.
3. How to fix these known vulnerabilities.
4. Security best practices to be followed while designing a Kubernetes cluster.

Requirements

Requirements:
Basic knowledge of Kubernetes/Container technologies is expected. This session will focus on real-world security threats associated with Kubernetes and how we can follow some best practices to make our Kubernetes clusters more secure.

Speaker bio

I am Tech enthusiast with over a decade of experience in the software industry. My focus areas and expertise is around DevOps, Cloud Automation,Containers, Kubernetes and Security. I am currently associated with DigitalOcean as a Sr.Developer Advocate. I often speak at community gatherings and conferences and I am a part of CNCF Speaker’s Bureau.

Comments

  •   Zainab Bawa (@zainabbawa) Reviewer 5 months ago

    Thanks for the submission, Saurabh. Here are some questions regarding your proposal:

    1. What are the basis of the best practices you recommend? Why are these best practices extensible to everyone in the audience at Rootconf Delhi?
    2. What are the anti-patterns to the best practices?

    In general, participants at Rootconf want to hear war stories or case studies based on production experiences. Best practices are always questionable because technology and business contexts are not one-size-fits-all.

    You may want to reconsider your proposal by referring to a war story or one specific issue from which participants can learn.

Login with Twitter or Google to leave a comment