Last week we were very fortunate to feature Matt Johansen on our monthly Lunch and Learn series. Matt spoke on Kubernetes and the security implications and architecture patterns necessary to adopt it. In the talk there was a great discussion on logging, monitoring and more. If you missed the talk, don’t worry! The video is now ready for you here.
At the end of the session, Matt Johansen answered these questions:
- How is logging handled in Kubernetes?
- How do you handle auditd logs in containers?
- If starting over, would you pick Kubernetes again?
- Is there a security benefit around super short lived containers?
- Whats the basic first step for getting into Kubernetes?
Kubernetes is Google’s answer to container orchestration and some of the tools it provides developers are indistinguishable from black magic. However, with the power that it provides it also can let you fall into some security holes that are hard to climb out of.
In this presentation we’ll go through those pitfalls, along with some huge security benefits that using such a fluid containerized environment can provide you. Learn lessons from the head of security of a recently acquired financial tech startup who is all-in on Kubernetes and has the bruises and badges of honor to show for it.
For a DevOps practitioner or enthusiast this will allow you to walk a way with a better understanding of Kubernetes as a whole, and how to secure it right from the ground up. Learn to monitor your infrastructure properly for malicious behavior, how to respond to incidents, and some simple best practice security hygiene.
Remember to check out the webinar recording here!
If you enjoyed this article please let us know by clicking the little heart below.
At Signal Sciences we are building the industry’s first Next Generation Web Application Firewall (NGWAF). Our NGWAF was built in response to our own frustrations of trying to use legacy WAFs while enabling business initiatives like DevOps, cloud adoption and continuous delivery. The Signal Sciences NGWAF works seamlessly across cloud, physical, and containerized infrastructure, providing security without breaking production traffic.