{"id":6913,"date":"2019-02-14T02:00:09","date_gmt":"2019-02-14T10:00:09","guid":{"rendered":"http:\/\/softwareengineeringdaily.com\/?p=6913"},"modified":"2021-10-01T08:02:10","modified_gmt":"2021-10-01T15:02:10","slug":"kubernetes-security-with-liz-rice","status":"publish","type":"post","link":"https:\/\/softwareengineeringdaily.com\/2019\/02\/14\/kubernetes-security-with-liz-rice\/","title":{"rendered":"Kubernetes Security with Liz Rice"},"content":{"rendered":"

<\/p>\n

A Kubernetes cluster presents multiple potential attack surfaces: the cluster itself, a node running on the cluster, a pod running in the node, a container running in a pod. If you are managing your own Kubernetes cluster, you need to be aware of the security settings on your etcd, your API server, and your container build pipeline.<\/p>\n

Many of the security risks of a Kubernetes cluster can be avoided by using the default settings of Kubernetes, or by using a managed Kubernetes service from a cloud provider or an infrastructure company. But it is useful to know about the fundamentals of operating a secure cluster, so that you can hopefully avoid falling victim to the most common vulnerabilities.<\/p>\n

Liz Rice wrote the book Kubernetes Security<\/em> with co-author Michael Hausenblas. Liz works at Aqua Security, a company that develops security tools for containerized applications. In today\u2019s show, Liz gives an overview of the security risks of a Kubernetes cluster, and provides some best practices including secret management, penetration testing, and container lifecycle management.<\/p>\n

 <\/p>\n

Show Notes<\/h2>\n