Batten Down the Hatches! A Cluster Security Journey¶
In this hands-on workshop, the instructors will dive into the methods used to perform a successful real world Kubernetes security audit. Attendees will learn through instructor-led scenarios how to perform cluster / workload inventory, rapidly assess the security posture of workloads, enforce least privilege for end-users and service accounts, and comply with established compliance standards. Each workshop attendee will be provided with a pre-configured public cloud environment running real-world Kubernetes workloads. The tools and methodologies covered in this workshop will give attendees the real world experience to perform a rapid Kubernetes security posture audit in their own organization’s clusters.
Use the Copy to Clipboard Feature
Each terminal command block in this guide has a double-square icon on the far right side which automatically copies the content to your paste buffer to make things easier to follow along.
Getting Started¶
Click on "Getting Started" in the table of contents.
About the Creators¶
-
Jimmy Mesta is the co-founder and CTO at KSOC. He has been helping security teams approach Kubernetes since 2016. Prior to founding KSOC, Jimmy held senior leadership positions at a number of enterprises including Signal Sciences (acquired by Fastly, Inc.) where he led a team of researchers and engineers. He is a well-versed public speaker and has presented at a variety of global conferences including KubeCon, LocoMocoSec, RSA, NDC, CactusCon, and AppSec USA.
-
Steve Wade is currently one of the founding engineers at KSOC. Before his current role, Steve held Platform leadership roles at UnderWrite Me and Mettle. During these roles, he leveraged the concept of GitOps to provide self-service platforms to developers. He has also provided Kubernetes consultancy and training worldwide during his time as a Consultant at Apprenda. Steve has served in leadership roles across many verticals including real estate, gaming, and the UK parliament.