CNCF On-Demand Webinar: 5 Key Steps to Securing a Default Kubernetes Cluster

CNCF Online Programs

February 9, 2023 at 8:00 AM UTC – February 10, 2023 at 8:00 AM UTC

Virtual event

About this event

Many day-to-day users of Kubernetes call it a win just to have their applications successfully up-and-running without any errors. Any further thoughts of best practices or security often gets pushed to the back burner. With a little extra grooming of a default Kubernetes cluster, its security posture can be significantly strengthened. Learning to store secrets properly, limiting open networks and constructing containers that aren’t over-privileged becomes a must when dealing with production environments at scale. 

This talk will focus around the default insecurities present in a Kubernetes cluster and 5 practical implementations that can be put in place to secure it. We’ll look at etcd and how it stores the cluster’s configuration data, including insecure secrets. We’ll discuss unrestricted pod-to-pod access and network policies, as well as enforcement of mutual TLS to encrypt internal traffic. Finally, we’ll take a look at pod-level security and best practices on that level, as well as securing access and RBAC/ABAC into the cluster itself. Users of Kubernetes will walk away with practical tools they can use immediately to tighten up the security of clusters in their own environments.

Speaker

  • Travis Rodgers

    Teleport

    Developer Relations Engineer

Organizers

  • Ihor Dvoretskyi

    Cloud Native Computing Foundation

    Organizer

  • Kristi Tan

    CNCF

    Organizer

  • Chris Aniszczyk

    Linux Foundation (CNCF)

    Organizer

  • Libby Schulze

    CNCF

    Organizer

CONTACT US