logo

🦝 Minimalism: Key to Cloud Security

2023-04-20

Authors:   Barun Acharya


Abstract

Containers and Orchestrators are being rapidly adopted worldwide due to the advantages they provide but so has risen the cyber attacks on the same. With the rise in recent zero days there’s an ever more demanding need to enforce security in containers.Even with Static Analyzers in place which scan for known vulnerabilities, a new vulnerability can pop up anytime or you can be compromised at runtime which may end up in losses. We should try to reduce the attack surface as much as possible to reduce these unknown unknowns.This talk will be about how can one choose to be a minimalist about their workloads right from choosing the right node images to reducing dependencies in our containers and finally restricting minimizing risks at runtime. We will explore about Optimized Operating Systems, RBAC, Docker Slim, Network Policies, Security Context and tooling around Mandatory Access Control and how they can help you out on your path to become minimalist with your workloads to secure them.

Materials: