by Gadi Naor
All Things Container Security
Cloud Native Security For Kubernetes In Practice
Securing Cloud Native Applications is a multi-objective and multi-constrained problem space spanning individuals, teams, processes, culture, infrastructure and tools. It is safe to assert that with cloud native applications nearly everything falls into security; from identity, through runtime and networking handling data in flight to storage handling data at rest and everything in between. The MITRE ATTACK® framework is a knowledge base of known tactics and techniques that are involved in cyberattacks, originally created for the IT computing environment and recently adapted for Kubernetes. In this talk, we will dive into the MITRE ATTACK Kubernetes Threat Matrix, review one of the recently published Kubernetes vulnerabilities within the context of the Kubernetes Threat Matrix. Throughout the talk, we will emphasize security practices that Kubernetes based cloud native application builders and operators can adopt for a secure day 2 Kubernetes.