The Hitchhiker’s Guide to Kubernetes Vulnerabilities - Robert Clark & Micah Hausler, Amazon

less than 1 minute read

Abstract

The earth is gone. You’re the only one left. Was Kubernetes to blame? Is prior performance a strong indicator of future behavior? Is Kubernetes on a positive security trajectory? Have community efforts improved security? The speakers will present research that examines security problems throughout the entire history of the Kubernetes project. They explore patterns and trends in the data. They show a taxonomy for classifying k8s vulnerabilities; including analysis of root causes and contributing factors. They dive into each issue, examining metrics like time from commit-to-discovery, time-to-resolution, detection of similar events etc. They look to patterns of previous behavior to help the audience predict future performance. They interview leaders in the community and overlay historical security data with efforts to improve security. They show the impact SIGs, WGs, Audits, etc had on k8s security and suggest how the security posture of k8s might evolve in the future.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

The Hitchhiker’s Guide to Kubernetes Vulnerabilities - Robert Clark & Micah Hausler, Amazon

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google