Demonstration of Automatic Kubernetes Network Policies Generation - Boaz Michaely, Red Hat & Adi Sosnovich, IBM Research
Abstract
Kubernetes networking by default is Malicious Actors’ heaven. Why? Because by default, any pod can send and receive traffic to and from any other pod, ignoring namespace and privilege boundaries. External traffic in both directions is allowed as well, as far as Kubernetes is concerned. Indeed, best practices rightfully dictate that this default be modified, using “Kubernetes Network Policies”. Yet most teams find this too difficult to implement. Authoring NetworkPolicy YAML is very challenging. Baseline/AdminNetworkPolicy fills a gap for cluster administrators, but authoring these policies and understanding their impact is a new, additional challenge. Furthermore, policy authors may not know what the application’s communication needs are. What if there was a way to automatically produce tight network policy rules, in YAML, and see the impact of applied B/ANP network policies? Join this session to see the magic yourself, and learn how you can leverage this technology today!