WORKSHOP: DevSecOps Best Practices for Complete Kubernetes Lifecycle Security

Kubernetes Security Berlin
Kubernetes Security Berlin
Public group

SysEleven GmbH

Boxhagener Str. 80 · Berlin

How to find us

Entrance to workshop will be at number 79

Location image of event venue

Details

WHO SHOULD ATTEND

• DevSecOps
• DevOps
• SRE
• CISO
• Security Consultants
• DevOps Consultants

This workshop is suitable for attendees who are familiar with Kubernetes and cloud native concepts, and who have previous experience deploying and maintaining Kubernetes clusters.

Kubernetes is extremely agile, powerful and useful, but it also introduces new complexities to your infrastructure and organization, and can easily expose critical infrastructure to new threats and vulnerabilities. Modern cloud native organizations must now infuse security best practices into their organization and complete DevOps workflow. However, most developers are not security experts.

DevSecOps is a methodology that integrates security, compliance, and configuration guardrails into developers’ workflows so that they can build and deploy Kubernetes workloads with agility—all while ensuring that their clusters and applications are protected from threats and malicious activity by default.

This half day, hands-on workshop will guide you through the risks Kubernetes introduces and remediation and hardening strategies using a combination of presentations, tutorials, and hands-on exercises. Learn best practices and tactics that will get you on a fast track to hardening your Kubernetes applications both in development and in production.

THIS WORKSHOP WILL COVER

▻ Kubernetes Concepts & Configuration Best Practices
▻ Service Account and users
▻ K8s Authorization
▻ RBAC
▻ Pod Security Policy
▻ Simple Layout for Namespaces, Service Accounts and PSP
▻ Evaluating risks before you go into production
▻ Risk Assessment (Kube-Scan)
▻ Threat Vectors
▻ Criticality of your Application
▻ Resilience
▻ How to simplify DevSecOps through automation

WORKSHOP LED BY

Thomas Fricke | Container and Network Security Trainer
Thomas Fricke is a founder and the former CTO of Endocode.
He is a cloud architect, has build and rolled out virtualisation management systems in secure and critical environments. For customers he has worked on scaling deployment pipelines, distributed SQL and NoSQL databases.
He is giving workshops and trainings on Kubernetes, with focus on container and network security.

Ram Akuka | Senior Solutions Architect | Octarine

REQUIREMENTS

• Laptop
• Access to non-production Kubernetes cluster
• Recommended: download and conduct local risks assessment of kubernetes clusters with kube-scan, the open-source risk assessment tool for kubernetes workloads here: https://github.com/octarinesec/kube-scan

⎈ Lunch will be provided at the end of the workshop ⎈

Please note places are limited to 25 for the workshop.