ToorCamp 2022

Navigating the shallow waters of Kubernetes Security
07-16, 13:30–13:50 (US/Pacific), Prime Dome

Kubernetes' popularity has triggered a growth of frameworks, tools and technologies around it. This in turn spurred growth of the attack surface. We'll chat about default security controls and the lack of protections, issues and trade-offs that one makes when deploying on Kubernetes. We'll also talk about using the best of the new technologies and processes for keeping applications out of harm's way.


Outline
- Do containers and orchestrators help or hurt my application security?
- Effects of the new application stack - platform, OS, container, orchestrator
- Where containerization helps, where it does not, and where it makes things worse
- Shipping the containers in a good, ok and ugly way
- The huge list of 3rd party apps required to support a production Kubernetes deployment
- Offloading the platform/OS stack to managed K8s providers. Where it helps security and where it hurts it.
- A demo of DigitalOcean Kubernetes cluster pwnage
- Docker defaults, Kubernetes defaults and 3rd party defaults.
- Recommendations for securing Kubernetes - Easy, Medium and Advanced stages

Alex Ivkin leads a security solutions group at Eclypsium, a US security startup. His focus is on researching secure deployments of (in)secure software, including container orchestration, application security, and firmware security. Alex has two decades of IT security experience, has delivered security trainings, holds an MS in Computer Science, has co-authored security certifications, and climbs mountains in his spare time.
