Kubernetes Security 101: Best Practices to Secure your Cluster

Hosted By
Faith O. and 2 others

Details

And we're BACK! After the Summer School, we take a month break and return with...
CLOUD SECURITY!

Or better said...
KUBERNETES SECURITY!!!

Magno Logan, one of the top cloud security researchers in the world, will give his Kubernetes Security 101 workshop to WICCA. Below you'll find all the details you need!

Requirements: Have an AWS account. Know how to use an IDE. Basic understanding of git and YAML.

Abstract: This workshop aims to give an overview of how Kubernetes works and provide some best practices to secure your cluster whenever you are deploying a new cluster on your own or via managed services such as GKE, EKS, or AKS. We are going to cover everything from the Control Plane or the Master Node, starting with the API server, including etcd, RBAC, and network policies. Then, we’ll cover the worker nodes, kubelet, audit logs and pods best practices. We'll talk about the CIS Benchmarks for Kubernetes and the default configurations you need to worry about when deploying a new cluster. We'll show how to use RBAC and assign roles and permissions to your cluster users. We'll demonstrate how to enable audit logs for better visibility and later we'll set up some network policies to avoid communication between pods and prevent any lateral movement from attackers.

Outline:
Kubernetes
  • What is Kubernetes?
  • Why should I use it?
  • What is the CNCF?
  • What are cloud native applications?

K8s Architecture
  • Control Plane (API Server, etcd, scheduler, controller-manager)
  • Worker Nodes (kubelet, kube-proxy and CRE)

Cluster, Nodes, Pods and Namespaces
K8s API Objects
kubectl
Setting up your first cluster
Deploying your web app as a pod
Using services and load balancers
Exposing web application

Hardening K8s
  • API Server
  • CIS K8s Benchmark
  • Image Scanning
  • Runtime Protection
  • Network Policy
  • Pod Security Policy (PSP) - Deprecated
  • PSP Alternatives
  • Audit Logs

Speaker: Magno Logan works as an Information Security Specialist for Trend Micro. He specializes in Cloud, Container, and Application Security Research, Threat Modelling, and Red Teaming. In addition, he has been tapped as a resource speaker for numerous security conferences around the globe. He is the JampaSec Security Conference and the OWASP Paraiba Chapter founder, and an active member of the CNCF Security TAG team.

Women In Cybersecurity Community Association NL