Kubernetes Security: A Developer's Nightmare?

With the rise of Kubernetes, the Java developer has arrived in the SecDevOps age as well. But by the multitude of complex tasks, the necessary security is often neglected. Even in managed clusters of well-known cloud providers, there are many points of attack waiting to be exploited. In this session, the security-critical components of a Kubernetes cluster are presented from a developer’s perspective. Typical security problems and corresponding measures to mitigate these will be shown. This includes topics such as Linux namespaces and capabilities, container security and pod security policies. By the end of this presentation, you will know more thoroughly the essence of secure development on Kubernetes and how to escape the developer’s security nightmare. by Andreas Falk