CONTINUOUS KUBERNETES SECURITY IN 2023
Cloud Security Podcast14 Huhti 2023

CONTINUOUS KUBERNETES SECURITY IN 2023

Cloud Security Podcast - This month we are talking about "Kubernetes Security & KubeCon EU 2023" and for the second episode in this series, we spoke to Andrew Martin (Andrew's Linkedin). Kubernetes Security Best practices built using the OWASP Top 10 for Kubernetes is not enough to deal with new and unknown attack vectors for your Kubernetes deployment. In this episode we have Andrew Martin on how you can deal with Kubernetes attack vectors including supply chain issues.


Episode ShowNotes, Links and Transcript on Cloud Security Podcast: ⁠⁠⁠www.cloudsecuritypodcast.tv⁠⁠⁠


FREE CLOUD BOOTCAMPs on ⁠⁠⁠www.cloudsecuritybootcamp.com⁠⁠⁠


Host Twitter: Ashish Rajan (⁠⁠⁠@hashishrajan⁠⁠⁠)

Guest Socials: Andrew Martin (Andrew's Linkedin)

Podcast Twitter - ⁠⁠⁠@CloudSecPod⁠⁠⁠ ⁠⁠⁠@CloudSecureNews⁠⁠⁠


If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠Cloud Security News ⁠⁠⁠

- ⁠⁠⁠Cloud Security BootCamp⁠⁠⁠


Spotify TimeStamp for Interview Questions

(00:00) Introduction

(00:15) A word from our sponsors - head over to snyk.io/csp to find out more

(02:50) A bit about Andrew Martin

(03:33) What is cloud native security?

(06:31) What is Kubernetes Security?

(10:23) Kubernetes Security vs Cloud Native Security

(11:52) Why is Kubernetes so popular?

(16:20) What are the components of Kubernetes security?

(21:43) Container security in Kubernetes landscape

(26:34) Common attack vectors for Kubernetes

(32:16) Impact of cloud in attack vectors

(35:38) Managed Kubernetes

(38:13) Rationale for using multi cluster

(41:11) Should everyone use Kubernetes?

(44:18) Is Serverless still relevant ?

(47:38) Where can people learn about Kubernetes security?

(53:01) The fun questions


See you at the next episode!

Jaksot(345)

The Truth About CNAPP and Kubernetes Security

The Truth About CNAPP and Kubernetes Security

In this episode of the Cloud Security Podcast, host Ashish Rajan speaks to James Berthoty, founder of Latio.Tech and an engineer-driven analyst, for a discussion on cloud security tools. In this episo...

14 Tammi 202540min

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

In this episode our host Ashish Rajan sat down with Ross Haleliuk, author of Cybersecurity for Builders and creator of the Venture in Security blog, to explore the current state and future of the cybe...

10 Tammi 20251h 10min

Centralized VPC Endpoints - Why It Works for AWS Networking

Centralized VPC Endpoints - Why It Works for AWS Networking

In this episode, Meg Ashby, a senior cloud security engineer shares how her team tackled AWS’s centralized VPC interface endpoints, a design often seen as an anti-pattern. She explains how they turned...

17 Joulu 202448min

What is CADR?

What is CADR?

In this episode, recorded at Kubecon NA in Salt Lake City, we spoke about about Kubernetes security with Shauli Rozen, co-founder and CEO of ARMO Security. From the challenges of runtime protection to...

5 Joulu 202429min

Building Platforms in Regulated Industries

Building Platforms in Regulated Industries

At HashiConf 2024 in Boston, our host Ashish Rajan had a great chat over some cannolis and a game of Jenga with AJ Oller, AVP of Engineering at The Hartford about how automation, mainframes, and compl...

21 Marras 202436min

Dynamic Permission Boundaries: A New Approach to Cloud Security

Dynamic Permission Boundaries: A New Approach to Cloud Security

In this episode, Ashish spoke with Kushagra Sharma, Staff Cloud Security Engineer, to delve into the complexities of managing Identity Access Management (IAM) at scale. Drawing on his experiences from...

12 Marras 202446min

Building a Resilient Cloud Security Program after Merger and Acquisition

Building a Resilient Cloud Security Program after Merger and Acquisition

In this episode, host Ashish Rajan sits down with Prahathess Rengasamy, a cloud security expert with extensive experience at companies like Credit Karma, Block, and Apple. Together, they explore the c...

9 Marras 202439min

Building Data Perimeter in Cloud in 2024

Building Data Perimeter in Cloud in 2024

In this episode, Ashish gets into the critical topic of data perimeters in AWS with our guest, Tyler Warren, a Lead Cloud Security Engineer at USAA. As cloud environments continue to evolve, the impor...

31 Loka 202456min