Introduction to Kubernetes Security - Marc Boorshtein

Security Automation

Learn the fundamentals of Kubernetes security from experienced expert Marc Boorshtein, covering topics such as automating security, identity management, secure communications, secret storage, and more.

Key takeaways
  • Automate security
  • Use OpenID Connect for identity management
  • Use impersonating proxies to secure communications
  • Store secrets securely, not in Git
  • Use VPNs for multi-tenancy
  • Use network policies for isolation
  • Use RBAC for role-based access control
  • Keep secrets short-lived and revolvable
  • Use JWTs for authentication
  • Use service accounts for automation
  • Integrate with identity management systems
  • Use role bindings for security
  • Use OpenShift for security
  • Use Argo for automation
  • Use Cilium for network policy management

More talks

Devoxx Greece 2024 - Navigating the Chaos: A Holistic Approach to Incident Management by Hila Fish

Marcia Villalba – Getting started with Orchestration and Choreography in Distributed Applications

AI Assisted Decision Making of Security Review Needs for New Features

From idea to production in a day: Leveraging Azure ML and Streamlit to build and user test machine …

Stabilising eccentric systems - Jessica Brentnall - NDC Oslo 2024

Meet Chicory, exploit the power of WebAssembly on the server side! by Andrea Peruffo

A Guided Tour of ISTIO Ambient Mesh - Lin Sun

Jeroen Overschie & Jetze Schuurmans - Are you ready for MLOps? 🫵 | PyData London 2024