In-person + Virtual
October 24-28
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Friday, October 28 • 11:00am - 12:30pm
Tutorial: Reducing the Sticker Price Of Kubernetes Security - Pushkar Joglekar, VMware

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

NOTE: To have the best experience during the tutorial, please download the tools in this section of the README: https://github.com/PushkarJ/kccncna-22-tutorial#pre-requisites prior to the session. 

Further Reading is on Slide 52 of the attached slide deck PDF. 

“Securing Kubernetes is full of landmines with Dragons lurking everywhere you see _yaml_.” Sounds familiar? This statement captures the general feeling of many years of many End User admins who are tasked with managing Kubernetes clusters. In the last couple of years, however, the community has worked on several incremental changes that have improved the security posture of Kubernetes significantly. Good news is that they are simple and do not require weeks to get them right! In this tutorial, Pushkar Joglekar will take you on a journey of learning hands-on techniques, open source tools, and newer security enhancements that will make deploying a secure kubernetes cluster faster and a little bit easier. We will start with verifying signed kubernetes release images for any version of your choice, applying Pod Security Standards at cluster or namespace level and configuring Runtime SecComp Profile by default for all workloads in a cluster running on your own system. At the end we will tie all these security features to real world vulnerabilities and known attacks to get that fuzzy and warm feeling, on a cold October day in Detroit, of being able to prevent vulnerability exploits in your clusters because you applied what you learnt in this tutorial. Happy Honking Defensively !!!

avatar for Pushkar Joglekar

Pushkar Joglekar

Cloud Native Security Engineer, Independent
Pushkar Joglekar wears multiple hats in the community as: CNCF Security - TAG Co-Chair & Kubernetes SIG Security Tooling Sub-Project Lead to “Make Kubernetes Secure For All”. Since 2019, he feels incredibly fortunate to have written the security chapters in Nigel Poulton’s “The... Read More →

Friday October 28, 2022 11:00am - 12:30pm EDT
330 AB Huntington Place: 1 Washington Blvd, Detroit, MI 48226
  Security + Identity + Policy