Kubernetes Cluster Security Audit Explained

View Show Notes and Transcript

Episode Description

What We Discuss with Shane Lawrence and Daniele Santos:

  • 00:00 Introduction
  • 02:52 A bit about Shane
  • 03:45 A bit about Dani
  • 04:23 Which kubecons have Shane and Dani attended?
  • 05:03 A bit about Dani and Shane’s talk at Kubecon EU
  • 06:42 Misconfigurations in Kubernetes
  • 09:48 Dani talks about the Kubernetes Security Report
  • 10:13 Use case for Kubernetes Misconfiguration
  • 11:45 What is Azure Escape?
  • 12:51 What is container escape?
  • 15:26 What is kubeaudit?
  • 15:49 Contributing to kubeaudit
  • 16:40 The maturity of kubeaudit
  • 19:04 How would kubeaudit help with an azure escape?
  • 19:41 The developer experience
  • 21:34 How shopify uses kubeaudit
  • 24:59 Getting started with kubeaudit
  • 25:53 Challenges with implementing kubeaudit
  • 27:19 Maturity of kubernetes security and kubecon
  • 30:02 Learning about kubernetes
  • 34:07 Areas of security not being spoken about enough
  • 36:16 Open Source and Software supply chain risks

THANKS, Shane Lawrence and Daniele Santos

If you enjoyed this session with Shane Lawrence and Daniele Santos, let them know by clicking on the link below and sending him a quick shout out at his website:

Click here to let Ashish know about your number one takeaway from this episode!

And if you want us to answer your questions on one of our upcoming weekly Feedback Friday episodes, drop us a line at ashish@kaizenteq.com.

Resources from This Episode