Security Through Transparency: Kubernetes SIG Security Update

The presentation discusses the Kubernetes security projects and initiatives, including the development of a security checklist and a hardening guide, as well as the importance of collaboration and community involvement.

• The Kubernetes security team is working on two major projects: an RBAC guide and a security checklist
• The team is also developing a hardening guide and a threat model for Kubernetes admission control
• Collaboration and community involvement are crucial for the success of these projects
• The team encourages contributors of all levels to participate in the projects
• The goal is to provide end-users with a baseline for secure deployment and to mitigate potential vulnerabilities

The speaker shares their experience as a platform engineer and how they would have appreciated having a security checklist when deploying a cluster. They emphasize the importance of having a template to build on and the potential consequences of misconfigurations leading to security vulnerabilities.

Kubernetes SIG Security is a newer SIG, dedicated to improving Kubernetes security by providing space for learning together, sharing our expertise, and building bridges between SIGS and externally with the broader security community. We’re here this KubeCon to tell you about what we’ve been up to! Come for this session featuring updates from our docs, tooling, and third party security audit subgroups about our efforts to keep Kubernetes secure through transparency, not obscurity. Stay to learn how you can get involved. Happy Honking!