Kubernetes security explained : We spoke to Cailyn Edwards, CNCF Ambassador and Senior Security Engineer at Shopify. Interview was recorded at Kubecon NA 2023. We asked her about the complexities of Kubernetes Network Security in a multi-tenant environment. During the interview, she shared the nuances of Kubernetes network security in multi-tenant setups, tools and tactics for securing Kubernetes environments, insights from her journey at Shopify and tips for advancing the security maturity of Kubernetes networks.
Thank you to our episode sponsor Vanta - You can check them out at vanta.com/cloud
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction (02:25) A bit about Cailyn (03:08) How is Kubernetes Networking different? (04:20) Foundational pieces of Kubernetes Networking (06:21) Whats missing in Kubernetes Networking? (07:47) What is Multi Tenancy? (10:20) What are some of the common threat models? (13:16) How are people responding to threats? (14:41) Where to start learning about this? (16:26) Best practices for Kubernetes Networking (18:16) What becomes more important with maturity? (21:14) Resources to learn more about Kubernetes Security (22:30) The Fun Section
Resources shared during the episode:
Kubernetes Security Checklist - https://kubernetes.io/docs/concepts/security/security-checklist/
Pentesting your own cluster with Liz Rice - https://www.youtube.com/watch?v=fVqCAUJiIn0
Software Signing for Kubernetes Supply Chain & Everybody Else
KUBERNETES BEST PRACTICES 2022
Building Blocks of a Modern Cloud Security Program
THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 2
SecDataOps Explained - Modern Security Stack
THIS IS MY Cloud SECURITY ARCHITECTURE - Azure Security Best Practices - Part 1
Cloud Security Monitoring in a Modern Security Stack
API SECURITY BEST PRACTICES 2022
BlackHat Defcon 2022 - The Cloud Security Edition
HOW TO Threat Model Digital Applications in Cloud
HOW TO SECURE CONTAINER ENVIRONMENT FOR FINANCIAL SERVICES
AWS ReInforce 2022 Recap & Highlights
Fundamentals of AWS Cloud Security Assessment
So Now You Know!
HOW TO SECURE AWS CLOUD ENVIRONMENT FOR HEALTHCARE
Zero Trust and the Triple Paradox
Building AWS Security Guardrails
Fix the Broken Digital Supply Chain
3 THINGS THAT BROKE THE DIGITAL SUPPLY CHAIN
Digital Transformation - ARE WE THERE YET!
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast