With the usage of Kubernetes in large companies ever increasing, it is important to get security right early on in the adoption process. As with any new technology best practices are still emerging, so there is no “one true way” to secure a cluster.
When it comes to Kubernetes big and small, many mistakes are still made when deployed and these mistakes often come with increased risk at very little cost of putting them right. From years of working with numerous firms on doing k8s the right way, come and learn the best way to deploy clusters, what does and what doesn’t work and more importantly learn how to adopt strategies to help your clusters stay secure.
This talk was delivered to OWASP Appsec US in 2021. There’s a recording of the talk here