A secure journey on Kubernetes

The container orchestration Kubernetes is like an onion: It has many layers. Each layer has its own set of vulnerabilities, and it is important to learn how to mitigate them.

This workshop will teach the attendees how to analyze, scan, and fix their vulnerabilities in Kubernetes, starting from the infrastructure and moving all the way up to the application runtime. We will explore benchmark tooling (kube-bench) to scan your installation and figure out where security can be increased. We will deploy a Docker registry (Harbor) and check if your docker images have vulnerabilities. Furthermore, we will deploy some rules via Open Policy Agent to validate what is deployed on your clusters.

At the end, you will be able to secure your own installation and clusters by yourself and make your security department happy.

Vorkenntnisse

* Basic understanding of Kubernetes.

Lernziele

* The workshop will enable attendees to go back to their work with a set of tools and a security checklist that they can leverage in their own projects.
* All tools presented in the workshop are Open Source.

 

Agenda

ab 10.00: Registrierung und Begrüßungskaffee
11.00: Beginn
12.30 - 13.30: Mittagspause
15.00 - 15.15: Kaffeepause
16.30 - 16.45: Kaffeepause
ca. 18.00 Uhr: Ende

 

Technische Anforderungen:

  • Knowledge of basic docker and kubernetes is needed.
  • Docker installed and a proper command-line

Speaker

 

Julien Garcia Gonzales
Julien Garcia Gonzales is a Solution Engineer at Giant Swarm. Having background as a Java developer and a lot of frustration acquired, he was able to find his way in DevOps culture, Docker and Kubernetes, and containerization stuff & OSS community. He fell in love with Go and tries to bring other people along. He likes to share his passion with Belgian Tech Communities. He currently helps on running applications securely and successfully on kubernetes.

Platin-Sponsor

Gold-Sponsoren




Silber-Sponsoren


INNOQ

´
XebiaLabs

Bronze-Sponsor



CLC-Newsletter

Sie möchten über die Continuous Lifecycle
auf dem Laufenden gehalten werden?

 

Anmelden