Dates
Conferences
Tags
Sort by:
Most recent
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Gal Cohen, Liav Yona
2023-04-21
tldr - powered by Generative AI
The presentation discusses the importance of secure secret management in Kubernetes and provides solutions for managing secrets in a more secure way.
- Secrets are essential for applications to function properly, but cannot be stored in Version Control Systems
- Kubernetes Secrets are the representation of secrets in Kubernetes
- By default, Kubernetes Secrets are stored unencrypted in etcd
- The Secret Store CSI Driver provides a more secure solution for managing secrets in Kubernetes
- The Secret Store CSI Driver integrates seamlessly into code and ensures robust security and least privilege access
- Other solutions for managing secrets in Kubernetes include Vault, environment variables, and Mozilla Subs
Conference: Linux Security Summit Europe 2022
Authors: John Johansen, Georgia Garcia
2022-09-16
tldr - powered by Generative AI
The presentation discusses various methods for improving application confinement and security, with a focus on achieving a level of confinement similar to that of Android applications.
- Shell type programs can be used to extract information and limit access to certain subsets of data
- Forced launchers can be used to override kernel settings and set up custom loaders for applications
- Code injection can be used to modify application behavior, but is not feasible for widespread use
- Address matching and control flow integrity can be used to modify application behavior without directly modifying the code
- The goal is to achieve tighter confinement for applications without burdening the user
- Dynamic data can be used to tighten security measures