Detecting anomalous network patterns

SRE for data security and observability

The changing landscape of Kubernetes Security Policies

Submitted Mar 2, 2021

Kubernetes has a built-in security policy feature called “Pod Security Policy”. This feature has been in a beta state for a very long time. Nevertheless, the community has decided to scrap it.

This talk will highlight the problems with PSP and why the community decided to move away from this inbuilt feature.

What are the other policy enforcement options to PSP, how do these tools fare against PSP, how does the helm chart provider manoeuvre this fragmented ecosystem? Are there tools that produce policies by looking at the application in action?

How is upstream enabling users with this seismic shift with all the downsides of scraping PSPs?