Hands-on Workshop: Batten Down the Hatches! A Cluster Security Journey

2022-10-25

Authors: Steve Wade


Summary

The presentation discusses the importance of asset inventory in Kubernetes clusters and highlights the need to stay updated with CVEs and API specifications. It also emphasizes the significance of networking and security in managed providers like EKS, GKE, and AKS.
  • Asset inventory is crucial in Kubernetes clusters to identify running applications and stay updated with CVEs and API specifications.
  • Managed providers like EKS, GKE, and AKS have limits and boundaries that need to be considered, especially in terms of networking and security.
  • Staying ahead of the curve of application developers is important for platform engineers responsible for Kubernetes clusters.
  • Links to official Kubernetes CVE streams are provided for reference.
The speaker emphasizes the importance of staying updated with CVEs and API specifications in Kubernetes clusters. Upgrading a cluster without considering deprecated APIs can cause issues with resource deployment and upgrading. The speaker advises platform engineers to stay ahead of application developers to avoid such issues. Additionally, the speaker highlights the significance of networking and security in managed providers like EKS, GKE, and AKS, which have limits and boundaries that need to be considered. It is important to be aware of these limitations, especially when dealing with security groups and outbound communication.

Abstract

Your career is really taking off and you’ve finally landed that security engineer role at the company of your dreams. At your first daily standup meeting, the Chief Security Officer welcomes you aboard and gives you your first major project to lead, which is aptly named “Operation: Cluster Lockdown”. In this hands-on workshop, the instructors will dive into the methods used to perform a successful real-world Kubernetes security audit. Attendees will learn through instructor-led scenarios how to perform cluster / workload inventory, rapidly assess the security posture of workloads, enforce least privilege for end-users and service accounts, and comply with established compliance standards. Each workshop attendee will be provided with a pre-configured public cloud environment running real-world Kubernetes workloads. The tools and methodologies covered in this workshop will give attendees the real-world experience to perform a rapid Kubernetes security posture audit in their own organization’s clusters.

