Kubernetes security explained : We spoke to Cailyn Edwards, CNCF Ambassador and Senior Security Engineer at Shopify. Interview was recorded at Kubecon NA 2023. We asked her about the complexities of Kubernetes Network Security in a multi-tenant environment. During the interview, she shared the nuances of Kubernetes network security in multi-tenant setups, tools and tactics for securing Kubernetes environments, insights from her journey at Shopify and tips for advancing the security maturity of Kubernetes networks.
Thank you to our episode sponsor Vanta - You can check them out at vanta.com/cloud
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction (02:25) A bit about Cailyn (03:08) How is Kubernetes Networking different? (04:20) Foundational pieces of Kubernetes Networking (06:21) Whats missing in Kubernetes Networking? (07:47) What is Multi Tenancy? (10:20) What are some of the common threat models? (13:16) How are people responding to threats? (14:41) Where to start learning about this? (16:26) Best practices for Kubernetes Networking (18:16) What becomes more important with maturity? (21:14) Resources to learn more about Kubernetes Security (22:30) The Fun Section
Resources shared during the episode:
Kubernetes Security Checklist - https://kubernetes.io/docs/concepts/security/security-checklist/
Pentesting your own cluster with Liz Rice - https://www.youtube.com/watch?v=fVqCAUJiIn0
Challenges with Building Serverless Applications at Scale
Microsoft releases CSPM for AWS & More Linux Security Support on Azure
Security Governance and Compliance in Serverless Applications
AWS Earns over 16billion this quarter + SEGA on Microsoft Azure - Cloud Security News
How to Build Applications with Zero Trust Principles
What is SaaS Security Posture Management (SSPM)?
AWS Lands UK Spy Services Contact + Google Cloud + Azure release Q3 results - Cloud Security News
Threat Detection and Incident Response in Cloud - Nathan Case
HashiConf Global 2021 - Our Cloud Security Picks - Cloud Security News
Talks not to be missed at Kubecon North America 2021 - Cloud Security News
All the Security Updates - Google Cloud Next 21 - Cloud Security News
What is Cloud Native Application Protection Platform - CNAPP Explained!
Google Cloud Next 21, Kubecon and VMworld - Cloud Security News
Implementing Cloud Security Tools the Right way - Stay Alert Not Fatigue!
AWS Launches Cloud Control API - Cloud Security News
Data Security in Cloud with David McCaw, Dasera
Cloud Security ranks in 2021 OWASP Top 10 - Cloud Security News
Cloud Security Careers: Application Security Engineer Skills with Tanya Janca
Cloud Security Careers: Threat Analyst Skills
Vulnerabilities in AWS, GCP and Azure - Cloud Security News
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Lex Fridman Podcast